[英]How to manage every Microsoft Azure user resource with access token?
I would like to create an MVC application, where users can be authorized with their Azure subscription and after that my application can manage their resources hosted in Microsoft Azure (VM-s, Web Sites, etc.) 我想创建一个MVC应用程序,可以在其中授权用户的Azure订阅,然后我的应用程序可以管理其在Microsoft Azure中托管的资源(VM,网站等)。
I created an application with the help of this tutorial . 我在本教程的帮助下创建了一个应用程序。
I can create cloud storages, VMs, etc, so it seems works fine. 我可以创建云存储,VM等,因此看起来工作正常。
After that I tried to log in with a different Azure account. 之后,我尝试使用其他Azure帐户登录。 I can get the Subscription, but I can't manage the resources of that user, I always get an exception:
我可以获得订阅,但是我无法管理该用户的资源,但总是会遇到异常:
Additional information: AuthenticationFailed: A security token exception occured for the received JWT token.
It seems that with this technique I can manage only my resources. 似乎通过这种技术,我只能管理我的资源。
My question is how can I do the following with every other user? 我的问题是如何与其他所有用户一起执行以下操作? Can I do this with this method or I have to make it another way?
我可以使用这种方法执行此操作,还是必须另辟way径?
The application you are creating is allowed to access your resources, and not the resources of other subscriptions. 您正在创建的应用程序被允许访问您的资源,而不是其他订阅的资源。 If you want to manage other subscriptions you would need to have one application defined as in the tutorial for every subscription you want to manage.
如果要管理其他订阅,则需要为每个要管理的订阅定义一个应用程序,如本教程中所述。
AFAIK, there is no API to create an application in AAD, therefore your scenario would require users to manually create these applications, which seems to me a dealbreaker. AFAIK,没有在AAD中创建应用程序的API,因此您的方案将要求用户手动创建这些应用程序,在我看来这是一个破坏者。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.