Reputation: 141
Azure Resource Manager Authentication Failure
I am trying to use node.js to access the azure resource manager with the following example code:
msRestAzure.interactiveLogin(function(err, credentials) {
if (err) console.log(err);
var client = new resourceManagement.ResourceManagementClient(credentials, 'token');
client.resources.list(function(err, result) {
if (err) console.log(err);
console.log(result);
});
});I get the following error when I run it:
{ Error: The access token is from the wrong issuer 'https://sts.windows.net/token/'. It must match the tenant 'https://sts.windows.net/token/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/token' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later.
at client.pipeline.error (D:\azure-arm\node_modules\azure-arm-resource\lib\resource\operations\resources.js:496:19)
at retryCallback (D:\azure-arm\node_modules\ms-rest\lib\filters\systemErrorRetryPolicyFilter.js:89:9)
at retryCallback (D:\azure-arm\node_modules\ms-rest\lib\filters\exponentialRetryPolicyFilter.js:140:9)
at D:\azure-arm\node_modules\ms-rest\lib\filters\rpRegistrationFilter.js:59:14
at handleRedirect (D:\azure-arm\node_modules\ms-rest\lib\filters\redirectFilter.js:39:9)
at D:\azure-arm\node_modules\ms-rest\lib\filters\formDataFilter.js:23:14
at Request.defaultRequest [as _callback] (D:\azure-arm\node_modules\ms-rest\lib\requestPipeline.js:125:16)
at Request.self.callback (D:\azure-arm\node_modules\request\request.js:185:22)
at emitTwo (events.js:106:13)
at Request.emit (events.js:191:7)Any place you see token, I've replaced the actual value that was there. The subscription ID I'm providing is correct. I have tried logging in directly rather than using the key above and it had the same effect. Ideally we'd want an application in azure to have access to the arm API but it doesn't look like that's possible in active directory, and I can't seem to get this to work. Any help would be appreciated.
Upvotes: 0
Views: 205
Answers (1)
Reputation: 3484
I have used ms-rest-azure versioned 2.6.0 and azure-arm-resource versioned 7.3.0 and it was working fine for me with the same code.
I think its secure to authenticate using service principal authentication way or basic authentication way rather than by interactive login authentication way. We have the steps of these other ways of authentication in here -> https://github.com/Azure/azure-sdk-for-node/blob/master/Documentation/Authentication.md#using-authentication-in-your-nodejs-script which you may try if interested.
Also, as you are ideally looking for application in Azure to have access to the ARM API so I think its worthwhile to give a read of this article -> https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-api-authentication
Hope this helps!!
Upvotes: 0
Related Questions
- 'Unable to Authenticate' when trying to connect to Azure DevOps Artifacts feed through npm; I get an E401 error
- Azure msal ClientAuthError Help @azure/msal-node
- Microsoft Azure Cloud service management API fails with 401: Unauthorized error?
- @azure/identity node.js cannot authenticate
- How do I get Azure credentials using "@azure/ms-rest-nodeauth" in node.js?
- ms-rest-nodeauth (azure-sdk-for-js) : Error: credentials argument needs to implement signRequest method
- NodeJs 403 Provided Authentication is not valid for Resource AUTH HEADER ISSUE
- Trying to set up API Management REST API Authentication w/ Node JS
- Azure Resource manager .Net API fails to get Resource group
- 403 error when authenticating with Azure Management API - nodejs