Azure API 未能验证请求
Azure API failed to authenticate the request
我正在使用下一个代码获取用于 Azure AD 身份验证的令牌
errorMessage = "";
AuthenticationResult result = null;
var context = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, ConfigurationManager.AppSettings["login"], ConfigurationManager.AppSettings["tenantId"]),false);
ClientCredential clientCredential = new ClientCredential(ConfigurationManager.AppSettings["clientId"], ConfigurationManager.AppSettings["key"]);
try
{
result = context.AcquireToken(ConfigurationManager.AppSettings["apiEndpoint"], clientCredential);
}
catch (AdalException ex)
{
if (ex.ErrorCode == "temporarily_unavailable")
{
errorMessage = "Temporarily Unavailable";
return null;
}
else
{
errorMessage = "Unknown Error";
return null;
}
}
string token = result.AccessToken;
var credential = new TokenCloudCredentials(ConfigurationManager.AppSettings["subscriptionId"],token);
//string certificateString = ConfigurationManager.AppSettings["managementCertificate"];
//var cert = new X509Certificate2(Convert.FromBase64String(base64cer));
return credential;
之后我将在 Azure 中创建一个网站
using (var computeClient = new WebSiteManagementClient(credentials))
{
var result = computeClient.WebSites.IsHostnameAvailable(websiteName);
if (result.IsAvailable)
{
await computeClient.WebSites.CreateAsync(WebSpaceNames.WestEuropeWebSpace, new WebSiteCreateParameters() {
Name= websiteName,
ServerFarm= ConfigurationManager.AppSettings["servicePlanName"]
});
}
else
{
return ResultCodes.ObjectNameAlreadyUsed;
}
}
但每次执行时都会出现以下错误:
ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
我尝试按照他们在此处所说的那样导入管理证书:
https://www.simple-talk.com/cloud/security-and-compliance/windows-azure-management-certificates/
也试过这个:
http://technetlibrary.com/change-windows-azure-subscription-azure-powershell/198
用于导入管理证书。
我还授予应用程序访问管理权限 API.
Azure AD 身份验证不使用管理证书身份验证。
MSDN 上有关于如何解决当前问题的很好的文档和代码示例。
Authenticating Service Management Requests
您的应用程序似乎没有访问 Azure API 的权限。
请使用此 link 获取权限。
在此之后请在应用权限或用户权限中添加访问权限API。
我正在使用下一个代码获取用于 Azure AD 身份验证的令牌
errorMessage = "";
AuthenticationResult result = null;
var context = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, ConfigurationManager.AppSettings["login"], ConfigurationManager.AppSettings["tenantId"]),false);
ClientCredential clientCredential = new ClientCredential(ConfigurationManager.AppSettings["clientId"], ConfigurationManager.AppSettings["key"]);
try
{
result = context.AcquireToken(ConfigurationManager.AppSettings["apiEndpoint"], clientCredential);
}
catch (AdalException ex)
{
if (ex.ErrorCode == "temporarily_unavailable")
{
errorMessage = "Temporarily Unavailable";
return null;
}
else
{
errorMessage = "Unknown Error";
return null;
}
}
string token = result.AccessToken;
var credential = new TokenCloudCredentials(ConfigurationManager.AppSettings["subscriptionId"],token);
//string certificateString = ConfigurationManager.AppSettings["managementCertificate"];
//var cert = new X509Certificate2(Convert.FromBase64String(base64cer));
return credential;
之后我将在 Azure 中创建一个网站
using (var computeClient = new WebSiteManagementClient(credentials))
{
var result = computeClient.WebSites.IsHostnameAvailable(websiteName);
if (result.IsAvailable)
{
await computeClient.WebSites.CreateAsync(WebSpaceNames.WestEuropeWebSpace, new WebSiteCreateParameters() {
Name= websiteName,
ServerFarm= ConfigurationManager.AppSettings["servicePlanName"]
});
}
else
{
return ResultCodes.ObjectNameAlreadyUsed;
}
}
但每次执行时都会出现以下错误:
ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
我尝试按照他们在此处所说的那样导入管理证书: https://www.simple-talk.com/cloud/security-and-compliance/windows-azure-management-certificates/
也试过这个: http://technetlibrary.com/change-windows-azure-subscription-azure-powershell/198
用于导入管理证书。
我还授予应用程序访问管理权限 API.
Azure AD 身份验证不使用管理证书身份验证。
MSDN 上有关于如何解决当前问题的很好的文档和代码示例。 Authenticating Service Management Requests
您的应用程序似乎没有访问 Azure API 的权限。 请使用此 link 获取权限。 在此之后请在应用权限或用户权限中添加访问权限API。