通过AD Oauth的Azure Service Management API访问失败

Question

II'm having same issue as this - Azure Service Management API authentication using Azure Active Directory Oauth with slightly different scenario.

I'm running a headless app (with nunit to run integration tests) setup just as in http://msdn.microsoft.com/en-us/library/ee460782.aspx to get stage deployment url which is dynamic in all it's glory.

I can call production url and run tests while authenticating requests with AD in a headless fashion but not service management api. I've given permission to service management api for the service as in the walk-through.

Also, I get token via client credential calling :

result = context.AcquireToken(
  "https://management.core.windows.net/",
  "{clientId}",
  clientCredential,   // had client id and key
  new Uri("{redirectUri}"));

A get Unauthorized: A Security token exception occurred for the received JWT token.

The Get deployment url used is here - http://msdn.microsoft.com/en-us/library/ee460804.aspx I double-ched subscrption id, sevice names etc.

Anybody have insights on what's failing in spite of a seemingly valid token?

Is this ever known to be working with app key? I can't find a single example yet.

Answer 1

Use the AcquireToken(string resource, string clientId, UserCredential userCrential) overload instead. This is the function designed for headless apps.

Since the Service Management API only allows Delegated Permissions you need to supply credentials for a user (username and password) instead of an application (client id and key).