Reputation: 982
Trying to Connect to Azure using Environment Credentials Not Working
I have been trying to run some sample code to connect to Axure for the sake of understanding and testing how my application will work on a server. In my "real" code, I have a C# Web API (.NET 4.8) which has a class library that kicks off an Azure Data Factory Pipeline. On my local PC, this works fine because I am using Visual Studio to authenticate to Azure.
However, I need to test how this will work on a server. So my sample code below is just pulling a secret from an Azure KeyVault as a POC (Proof of Concept). From my understanding, when using DefaultAzureCredential, it authenticates in the following order:
- EnvironmentCredential
- ManagedIdentityCredential
- SharedTokenCacheCredential
- VisualStudioCredential
- VisualStudioCodeCredential
- AzureCliCredential
- InteractiveBrowserCredential
I would like to test using the first option, EnvironmentCredential. Looking @ the Microsoft documentation @ EnvironmentCredential class I have a few options. For now, I need to use the last option, which requires I have the following Environment Variables set:
- AZURE_TENANT_ID
- AZURE_CLIENT_ID
- AZURE_USERNAME
- AZURE_PASSWORD
I am still receiving the error:
DefaultAzureCredential failed to retrieve a token from the included credentials. EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
**
- What Am I Missing? Why is This Failing?
**
More supporting evidence below.
See the screenshot below where I have set up the environment variables:
Code:
var client = new SecretClient(vaultUri: new Uri(url), credential: new DefaultAzureCredential());
var secretData = client.GetSecret("Secret");
Upvotes: 1
Views: 4012
Answers (1)
Reputation: 7377
DefaultAzureCredential failed to retrieve a token from the included credentials. EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
I have set the Environment Variables under User Variables.
Also, set these variables in the deployed Azure App => Configuration => Application Settings.
- The values which are set in the App Settings are available as Environment Variables.
- To verify whether Environment Variables are set correctly, try to retrieve the Values before calling
DefaultAzureCredential. - Comment the code related to retrieving the KeyVault and try to display the Environment Variables.
Ex:
string tenantId = Environment.GetEnvironmentVariable("APPSETTING_AZURE_TENANT_ID");
Code to retrieve secrets fro mKeyVault.
var kvURL = "https://KV15June.vault.azure.net/";
var credential = new DefaultAzureCredential();
var client = new SecretClient(new Uri(kvURL), credential);
var secret1 = client.GetSecret("Secret1").Value.Value;
As you are using Username and password: to authenticate, make sure the account which you are using is not MFA Enabled as mentioned in the MSDoc.
Upvotes: 2
Related Questions
- Azure KeyVault: Azure.Identity.CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials
- Issue in accessing Azure Keyvault - DefaultAzureCredential failed to retrieve a token
- AttributeError: 'MonitorManagementClient' object has no attribute 'location' Microsoft Azure
- Using DefaultAzureCredential Locally to access Azure Azure Key Vault (using IIS)
- Unable to read secret from Azure Key Vault from Azure Service Fabric App
- From localhost C# Web API - Accessing secret from Azure KeyVault throws error Invalid Issuer
- Using InteractiveBrowserCredential to authenticate to Azure Key Vault on production won't work
- Azure KeyVault: how to create clientId and clientSecret?
- Use encrypted Azure credentials when initializing new SecretClient