Valid authentication was not provided

Question

I am stuck on step 2.4 of this wiki

In the previous step, I get a valid token.

Why do I get "Valid authentication was not provided"?

I added a header called Authorization - see picture.

What am i missing?

Answer 1

I needed to do:

curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=<client id>&scope=https://api.loganalytics.io/.default&client_secret=<client secret>&grant_type=client_credentials' 'https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token'

to get this to work, i.e.:

POST /<your tenant id>/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=<>
&client_secret=<>
&scope=https://api.loganalytics.io/.default

I hope this helps someone :) It took way too long for me to figure this out lol.

Answer 2

Use API key

You may also create API key and use it for your request:

1. Go to Application Insights in Azure Portal
2. Click on API Access blade under Configure section
3. Create new API key
4. Use it in REST API calls in a header with Key = x-api-key

Answer 3

When we use Azure Log Analytics REST API to do a query, we need to use Authorization=Bearer eyJ.... as request Headers. For more details, please refer to here.

For example

1. Register Azure AD application

2. Configure API permissions for the AD application

3. Give the AAD Application access to our Log Analytics Workspace. Please assign Log Analytics Reader role to the AD application

4. Get access token

POST /<your tenant id>/oauth2/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded

grant_type =client_credentials
&client_id=<>
&client_secret=<>
&resource=https://westus2.api.loganalytics.io

4. Call the api

POST https://api.loganalytics.io/v1/workspaces/{workspaceId}/query
Authorization: Bearer ey...
Content-Type: application/json

{
    "query": ""
}