Reputation: 1224
Microsoft.Azure.Management.ApiManagement Implementation
I am trying to implement Azure API Management APIs using Microsoft.Azure.Management.ApiManagement 4.0.4-preview.
No where I see documentation for implementation. I tried below code. but I am getting authentication error.
Microsoft.Rest.Azure.CloudException: 'Authentication failed. The 'Authorization' header is provided in an invalid format.'
BasicAuthenticationCredentials basicAuthenticationCredentials = new BasicAuthenticationCredentials();
basicAuthenticationCredentials.UserName = "**********";
basicAuthenticationCredentials.Password = "*******";
var token = "Bearer **********"; // copied bear token from https://learn.microsoft.com/en-us/rest/api/apimanagement/user/get by logging proper user name and password
ApiManagementClient apiManagementClient = new ApiManagementClient(basicAuthenticationCredentials);
apiManagementClient.SubscriptionId = "*************************************";
apiManagementClient.HttpClient.DefaultRequestHeaders.TryAddWithoutValidation("Authorization", token);
apiManagementClient.ApiManagementService.Get("resourcegroupname", "POCAPIManagementService"); // error happening from this line
var user = apiManagementClient.User.Get("resourcegroupname", "POCAPIManagementService", "1");
Upvotes: 3
Views: 2539
Answers (3)
Reputation: 45
@Joseph, I had the same issue with unauthorized responses. Inspected the request made through the ApiManagementClient. Two things were wrong:
- Wrong url
- Missing authorization header.
Corrected this by doing:
var credentials = new MyCredentials();
var client = new ApiManagementClient(new Uri("https://management.azure.com/"), credentials);
client.SubscriptionId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
client.HttpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + credentials.AuthenticationToken);
var result = await client.User.ListByServiceAsync("resource-group", "service");
MyCredentials looks the same as the myServiceCredentials class in the previous response and it inherits from ServiceClientCredentials. Had to make the AuthenticationToken prop public though.
Upvotes: 2
Reputation: 1224
After two weeks struggle we found way to Microsoft.Azure.Management.ApiManagement dll Implementation.
1) Create application inside azure ad 2) Go to your APIM => Access control (IAM) Tab 3) Add the above created application (permission is required to do this in APIM) 4) Now you should be able to see Azure AD application in APIM Access control (IAM) Tab
This will provide delegated permission to your application which is created in Azure AD
We can use client credential flow to get delegated access token against Azure AD. Use scope as https://management.azure.com
The sample code for implementing client credential flow for Microsoft.Azure.Management.ApiManagement dll is given below.
public class myServiceCredentials : ServiceClientCredentials{
private string AuthenticationToken { get; set; }
public override void InitializeServiceClient<T>(ServiceClient<T> client)
{
var authenticationContext = new
AuthenticationContext("https://login.windows.net/{tenantID}");
var credential = new ClientCredential(clientId: "xxxxx-xxxx-xx-xxxx-xxx",
clientSecret: "{clientSecret}");
var result = authenticationContext.AcquireToken(resource:
"https://management.core.windows.net/", clientCredential: credential);
if (result == null)
{
throw new InvalidOperationException("Failed to obtain the JWT token");
}
AuthenticationToken = result.AccessToken;
}
}
Thank you https://github.com/Azure/azure-sdk-for-net/issues/4727
Upvotes: 4
Reputation: 20127
copied bear token from https://learn.microsoft.com/en-us/rest/api/apimanagement/user/get by logging proper user name and password
It seems that there is something wrong with the way you generate.
The authorization header should be a JSON Web Token that you obtain from Azure Active Directory, but directly from Azure Portal. For more details, you could refer to this article.
You can refer to this document for how to obtain a JWT from AAD and protect an API by using OAuth 2.0 with Azure Active Directory and API Management.
Upvotes: 0
Related Questions
- API Management Basic Authentication
- Azure API Managment - Configure operations through Code
- Azure APIM Soap Service
- How do I create an Azure API Management instance via C#?
- Azure API Authentication
- Azure api management and Web App
- How can I create API with my custom code in Azure?
- How to create an API Management service programmatically?
- Azure API Management Services API Create
- API Management Service - Administrator Group