stackoom
  简体   繁体   中英

Which permissions are required for ARM REST API

 原文  2019-09-26 11:48:25       java/ azure/ azure-resource-manager

Question

I am trying to create an application that can connect to ARM ( https://management.azure.com ) retrieve some information from it. I already created one that use Microsoft Graph ( https://graph.microsoft.com ) and works fine, however now I need to get information that is only available on ARM.

I look up on internet about the permissions required, specially on Microsoft Docs, however all the documentation that I was able to find refers only to Microsoft Graph or Windows Graph.

Do you know which permissions should I request through the portal?

public String getAccessToken() throws MalformedURLException, InterruptedException, ExecutionException, ServiceUnavailableException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException
{
    AuthenticationContext objContext;
    AuthenticationResult objToken;
    ExecutorService objService;
    Future<AuthenticationResult> objFuture;
    objService = null;
    objToken = null;
    try
    {
        objService = Executors.newFixedThreadPool(1);
        objContext = new AuthenticationContext(this.getAuthorize(), false, objService);
        objFuture = objContext.acquireToken("https://management.azure.com", this.getApplicationID(), this.getUsername(), SecureText.getInstance().decode(this.getPassword()), null);
        objToken = objFuture.get();
        this.getLogger().info("Connection to Azure Resource Manager".concat(this.getClass().getSimpleName().toLowerCase()).concat(" successfully stablished"));
    }
    finally
    {
        objService.shutdown();
    }
    if (objToken == null)
    {
        throw new ServiceUnavailableException("Authentication Service is not available");
    }
    return objToken.getAccessToken();
}

The following error is displayed:

com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID 'e1b0615a-911d-4ccf-bf16-e8d0c1c2f8b5' named 'XXXXXXX'. Send an interactive authorization request for this user and resource.\r\nTrace ID: 9731e9b7-116d-4c5e-b219-ab96e12c4300\r\nCorrelation ID: faa9a023-3237-4367-9c66-eec9b77e2805\r\nTimestamp: 2019-09-26 11:20:54Z","error":"invalid_grant"}

1 answers

solution1
 1  2019-09-29 04:47:37

Have seen similar error in past.

Granting the permission via:

Azure Active Directory -> App Registrations -> MyApp -> Api Permissions -> Grant Admin Consent button

helped me.

Similar posts - The user or administrator has not consented to use the application - Send an interactive authorization request for this user and resource

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Which permissions are required for PCFAgent enquiries? Java REST api for determining the rally permissions for user From which api should i ask permissions? Required a bean of type that could not be found REST API How to access Azure Storage Table using REST API (ARM) Salesforce: Which API to use without Login required? How can I give full permissions to Google Drive REST API? How to get Atlassian Confluence Space permissions by REST API? Which dependencies are required for a spring-boot maven rest application? Missing permissions required by FusedLocationClient
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM