Comments (7)
from azure-sdk-for-java.
Thank you for your feedback. Tagging and routing to the team member best able to assist.
from azure-sdk-for-java.
Changed the code like this -
TokenCredential managedIdentityCredential = (new ManagedIdentityCredentialBuilder()).clientId(clientId)
.build();
String accessToken = ((AccessToken) managedIdentityCredential.getToken((new TokenRequestContext())
.addScopes(new String[] { "https:///.default" })).block())
.getToken();
Still getting error like this -
2024-05-09 12:21:05.499 [ForkJoinPool.commonPool-worker-1] [ERROR] com.azure.identity.ManagedIdentityCredential - Azure Identity => ERROR in getToken() call for scopes [https:///.default]: Managed Identity authentication is not available.
Can you pls confirm if this is a bug in the SDK that needs to be fixed. Is there an alternate way to fetch AAD Token for workload identity?
from azure-sdk-for-java.
At the moment, this is blocking me to implement workload identity.
from azure-sdk-for-java.
Hello! Can you help me understand the scenario? Generally these credentials are used in the context of one of our service clients (such as KeyVaultClient
.) Is that also failing, and you are simplifying the repro here? Can you try a scope like https://vault.azure.net
or https://management.azure.com
?
from azure-sdk-for-java.
from azure-sdk-for-java.
I had the same issue, with debugging I figured out that the workload identity did not have the appropriate rights for the requested scope.
The token exchange API (https://login.microsoftonline.com/<tenantId>/oauth2/v2.0/token
) does return the following JSON body:
{
"error": "invalid_grant",
"error_description": "AADSTS501051: Application '<censored app id>'(<censored app name>) is not assigned to a role for the application 'api://<censored api id>'(<censored api name>). Trace ID: <censored trace id> Correlation ID: <censored correlation id> Timestamp: <censored timestamp>",
"error_codes": [
501051
],
"timestamp": "<censored timestamp>",
"trace_id": "<censored trace id>",
"correlation_id": "<censored correlation id>",
"error_uri": "https: //login.microsoftonline.com/error?code=501051"
}
But the azure identity library (I am using 1.12.2) does not print any error message and the response body is swallowed because the status code returned is 400, and the HttpURLConnection class, which executes this call ignores the body for this response code.
from azure-sdk-for-java.
Related Issues (20)
- [BUG] GetChatCompletionsStreamAsyncSample code not working HOT 2
- Migration directions from old azure-storage HOT 3
- [BUG] Failed to upload blob: Wrong number of arguments; expected 1, got 0 HOT 6
- [BUG] ChatRequestUserMessage content is binaryData
- [BUG] azure-core-http-netty 1.15.1 contains wrong netty.version property HOT 5
- [FEATURE REQ] add a LIVE test for oracledatabase HOT 2
- Typo "a Azure"→"an Azure" HOT 1
- Typo "a Azure"→"an Azure" HOT 1
- [BUG] PagedIterable<BlobItem> stream().paralllel() is behaving as sequential HOT 2
- [BUG] Azure Communication Service Job Router RouterValue class Deserialize Issue HOT 1
- Factory method 'openAIClient' threw exception; nested exception is java.lang.NoClassDefFoundError: reactor/util/Loggers HOT 3
- Detected an instance of Random/SplittableRandom class in the image heap HOT 2
- [BUG] Cosmos hangs forever with CosmosEndToEndOperationLatencyPolicyConfig set HOT 2
- [OpenAI] Support token calculation in streaming API
- Use an access token directly instead of token credential HOT 1
- [BUG] Azure Communication Service Job Router Java SDK having Deserialize Issue for RouterValue class HOT 3
- Receive message connection from ServiceBusProcessorClient closes due to inactivity in service bus HOT 3
- [Question] Implementing Long-Running Operations with SyncPoller HOT 3
- Change BinaryData fromObject(Object) and toObject(Class<T>) / toObject(TypeReference<T>) behavior
- OpenRewrite recipes for moving usages from azure-core to io.clientcore
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-sdk-for-java.