Reputation: 85
Azure API retrieving SAS policy, error InvalidHostName
I am trying to create an Event Hub in Azure using the REST APi ( with Postman ) but I am getting an error in the process of generating the SAS token.
curl --location --request POST 'https://login.microsoftonline.com/0e3603bd-2f0b-43e2-b9b5-5d456791cf33/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=myclientid' \
--data-urlencode 'client_secret=myclientsecret' \
--data-urlencode 'resource=https://management.azure.com/'
I store the bearer token and use it to authentificate on the following requeste: First create the Event Hub namespace :
''' curl --location --request PUT 'https://management.azure.com/subscriptions/6fa11037-363b-4ff4-a5a2-f4e93efa527c/resourceGroups/easypeasybi/providers/Microsoft.EventHub/namespaces/easypeasybi?api-version=2017-04-01' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer mybearertoken' \ --data-raw '{"location":"francecentral"}'
''' Now in order to create the Event Hub, I need to build a SAS token,therefore I need to retrieve the SAS policy first: The creation of the Namespace generate a SAS policy named RootManageSharedAccessKey, I can list all the policy using this call :
curl --location --request GET 'https://management.azure.com/subscriptions/6fa11037-363b-4ff4-a5a2-f4e93efa527c/resourceGroups/easypeasybi/providers/Microsoft.EventHub/namespaces/easypeasybi/AuthorizationRules?api-version=2017-04-01' \
--header 'Authorization: Bearer mybearertoken'
Lastly, I am trying to retrieve the RootManageSharedAccessKey policy but I am getting an error
{
"error": {
"code": "InvalidHostName",
"message": "The provided host name 'easypeasybi.servicebus.windows.net' is not whitelisted. "
}
}
The code I am using is the following
curl --location --request POST 'https://management.azure.com/subscriptions/6fa11037-363b-4ff4-a5a2-f4e93efa527c/resourceGroups/easypeasybi/providers/Microsoft.EventHub/namespaces/easypeasybi/AuthorizationRules/RootManageSharedAccessKey/listKeys?api-version=2017-04-01' \
--header 'Content-Type: application/atom+xml;type=entry;charset=utf-8' \
--header 'Host: easypeasybi.servicebus.windows.net' \
--header 'Authorization: Bearer mybearertoken' \
--data-raw '<entry xmlns='\''http://www.w3.org/2005/Atom'\''>
<content type='\''application/xml'\''>
<EventHubDescription xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/netservices/2010/10/servicebus/connect">
</EventHubDescription>
</content>
</entry> '
Upvotes: 0
Views: 199
Answers (1)
Reputation: 30025
In the header, the Host should be management.azure.com.
So in you command, change this line of code
--header 'Host: easypeasybi.servicebus.windows.net' \
to
--header 'Host: management.azure.com' \
Upvotes: 1
Related Questions
- Azure storage SAS failed to authenticate
- Creating SAS token with ARM template: error InvalidValuesForRequestParameters
- Invalid SAS token being created for Azure API Management
- Error generating Azure container SAS token using Python SDK
- Azure SAS token AuthorizationResourceTypeMismatch
- Azure Rest API usage with SAS Service
- AuthenticationFailed after creating sas token with New-AzStorageBlobSASToken
- Azure SAS Token issues
- Azure File Storage SAS token - error 403
- What could be the reason? Azure SAS token request going as http instead of https