“未经授权"使用Azure AD OAuth身份验证从Azure Scheduler调用API应用时 [英] "Unauthorized" when invoking an API App from Azure Scheduler with Azure AD OAuth authentication
问题描述
我有一个已通过Azure Active Directory身份验证保护的API应用程序.我想使用Azure Scheduler调用的此API应用程序的操作.我输入了租户ID,客户ID和进入计划程序"操作的机密.
I have an API App which I have secured with Azure Active Directory authentication. Actions of this API App I want to invoke with Azure Scheduler. I entered tenant id, client id & secret into the Scheduler action.
当我安排或执行工作时,我得到:
When I schedule or run the job I get:
Http Action - Response from host 'xxxx.azurewebsites.net': 'Unauthorized'
诊断应用程序日志给我:
Diagnostic application log gives me:
JWT validation failed: IDX10214: Audience validation failed. Audiences:
'https://management.core.windows.net/'. Did not match:
validationParameters.ValidAudience: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx' or
validationParameters.ValidAudiences: 'https://xxxx.azurewebsites.net'.
推荐答案
After some digging I found this somehow related entry.
所以我真的进入了资源浏览器,一直到我的API应用程序的authsettings节点,并添加了缺少的受众条目:
So I really got into the Resource Explorer, down to the authsettings node of my API App and added the missing audience entry:
"allowedAudiences": [
"https://xxxx.azurewebsites.net",
"https://management.core.windows.net/"
],
问题解决了.
这篇关于“未经授权"使用Azure AD OAuth身份验证从Azure Scheduler调用API应用时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!