ml123

Reputation: 1251

Connecting from Azure App Service to Azure SQL using User-assigned Managed Identity

I'm trying to connect my App Service to Azure SQL using user-assigned managed identity.

Here is what I've done so far:

  1. Created the user-assigned managed identity
  2. Assigned it to the App Service
  3. Added the user to the SQL and assigned it a role
  4. Added an app setting named AZURE_CLIENT_ID with the client id of the identity
  5. In the connection string, added the Authentication=Active Directory Managed Identity;User ID=<client id of the identity>;

It's important to note that I also have a VM in Azure using the very same code, and there it works flawlessly.

However, with the app service, I keep getting the following error:

Received a non-retryable error. Identity Response Code: BadRequest, Response: {"statusCode":400,"message":"No User Assigned or Delegated Managed Identity found for specified ClientId/ResourceId/PrincipalId."}

Note that with system-assigned managed identity it works without any problem.

What am I missing? How can I make it work?

Upvotes: 5

Views: 1026

Answers (1)

Ed_Ru

Reputation: 134

I had the same problem connecting to a StorageAccount from an Azure Function with a user-assigned managed identity. It's finally working for me after adding the following environment variables/App Settings:

AZURE_CLIENT_ID = Application ID (User-assigned managed identity)
AZURE_PRINCIPAL_ID = Object ID (User-assigned managed identity)
AZURE_TENANT_ID = Tenant ID

Hope it helps you.

Upvotes: 0
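
An added diagnostic example (not part of the question or the answer, and not Microsoft's code): it asks the App Service managed identity endpoint for an Azure SQL token directly, once for the system-assigned identity and once for the client id in AZURE_CLIENT_ID, and classifies the reply, including the 400 body quoted in the question. It assumes the App Service environment variables IDENTITY_ENDPOINT and IDENTITY_HEADER, which do not appear on the page; the function names and result labels are made up for this example.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request

SQL_RESOURCE = "https://database.windows.net/"  # token audience for Azure SQL
API_VERSION = "2019-08-01"

def build_token_request(env, client_id=None, resource=SQL_RESOURCE):
    """Build (url, headers) for the App Service managed identity endpoint.
    client_id=None asks for the system-assigned identity."""
    endpoint, secret = env.get("IDENTITY_ENDPOINT"), env.get("IDENTITY_HEADER")
    if not endpoint or not secret:
        raise RuntimeError("IDENTITY_ENDPOINT / IDENTITY_HEADER are not set here")
    params = {"resource": resource, "api-version": API_VERSION}
    if client_id:
        params["client_id"] = client_id
    return f"{endpoint}?{urllib.parse.urlencode(params)}", {"X-IDENTITY-HEADER": secret}

def diagnose(status, body, requested_client_id=None):
    """Classify an endpoint response without ever returning the token itself."""
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None
    if not isinstance(doc, dict):
        return "unparseable-response"
    if status == 200:
        issued = (doc.get("client_id") or "").lower()
        if requested_client_id and issued != requested_client_id.lower():
            return "token-for-different-identity"
        return "ok"
    if status == 400 and "No User Assigned" in str(doc.get("message", "")):
        return "identity-not-visible-to-this-app"
    return f"error-{status}"

def probe(env, client_id=None):
    """Call the endpoint for real; only meaningful inside the App Service."""
    url, headers = build_token_request(env, client_id)
    try:
        with urllib.request.urlopen(urllib.request.Request(url, headers=headers), timeout=10) as r:
            return diagnose(r.status, r.read().decode(), client_id)
    except urllib.error.HTTPError as e:
        return diagnose(e.code, e.read().decode(), client_id)

if __name__ == "__main__" and os.environ.get("IDENTITY_ENDPOINT"):
    print("system-assigned:", probe(os.environ))
    print("user-assigned  :", probe(os.environ, os.environ.get("AZURE_CLIENT_ID")))
```

If the user-assigned probe reports `identity-not-visible-to-this-app` while the system-assigned one reports `ok`, the client id being requested does not match any identity attached to this App Service (or slot), independent of the SQL connection string.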
