使用Keyvault集成应用程序（使用图形api从AAD获取数据） [英] Integrating application (which get the data from AAD by using graph api ) with Keyvault

问题描述

在我的服务中，我试图通过使用Graph API来获取azure活动目录中的数据，方法是提及web.config文件中的所有客户端ID密钥，租户ID。但当我试图为我的服务实现密钥保险库时，我结束了例外
。以下是例外 

异常消息：尝试了以下4种方法来获取访问令牌，但没有一种方法有效。异常消息：尝试使用托管服务标识获取令牌。无法连接到托管服务标识（MSI）端点。请检查您的
是否在具有MSI setup的Azure资源上运行。参数： 

 public class UserKeyVaultHelper 
 
 {
 
 //此方法从Netsuite Key Vault中检索秘密。 
 
 public async Task< string> GetCredentialsFromAzureNetsuiteKeyVault（string keySecret）
 
 {
 
 var azureServiceTokenProvider = new AzureServiceTokenProvider（）; 
 
 var keyVaultClient = new KeyVaultClient（new KeyVaultClient.AuthenticationCallback（azureServiceTokenProvider.KeyVaultTokenCallback））; 
 
 var secret = awaitkeyVaultClient.GetSecretAsync（ConfigurationManager.AppSettings [" UserdataKeyVault"] + keySecret）.ConfigureAwait（false）; 
 
 return secret.Value.ToString（）; 
 
} 
 
} 

我收到错误的同时  检索  来自  key
vault。

提前致谢 

Hari Ankasala

解决方案

导航到SCM站点（Kudu）并打开ENV选项卡，检查是否存在MSI_ENDPOINT和MSI_SECRET envs

In my service i have trying to get the data from azure active directory by using Graph API by mentioning the all the client id secret key ,tenant id in web.config file . but when i tried to implement the key vault for my service which i'm end of with exception . Below is the exception 

Exception Message: Tried the following 4 methods to get an access token, but none of them worked. Exception Message: Tried to get token using Managed Service Identity. Unable to connect to the Managed Service Identity (MSI) endpoint. Please check that you are running on an Azure resource that has MSI setup.Parameters: 

public class UserKeyVaultHelper

    {

        // This method retrieves the secret from Netsuite Key Vault.

        public async Task<string> GetCredentialsFromAzureNetsuiteKeyVault(string keySecret)

        {

            var azureServiceTokenProvider = new AzureServiceTokenProvider();

            var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));

            var secret = awaitkeyVaultClient.GetSecretAsync(ConfigurationManager.AppSettings["UserdataKeyVault"] + keySecret).ConfigureAwait(false);

            return secret.Value.ToString();

        }

    }

I'm getting the error while retrieving the values from key vault.

Thanks In Advance 

Hari Ankasala

解决方案

Navigate to SCM site (Kudu) and open ENV tab, check if MSI_ENDPOINT and MSI_SECRET envs exist.

这篇关于使用Keyvault集成应用程序（使用图形api从AAD获取数据）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！