Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to authorise request Azure REST API?

I am creating a program to drop CDN cache. And so I did as documentation said I still get this:

{ "error": { "code": "AuthenticationFailedInvalidHeader", "message": "Authentication failed. The 'Authorization' header is provided in an invalid format." } }

So it basically says that the Authentication token itself is malformatted (not wrong or expired). Even though I did as documentation suggested.

My Request-Response flow looks like this (I obfuscated real data):

REQUEST

 POST /subscriptions/29bdq1a7-348b-48fe-b9e6-b90c432892ff/resourceGroups/cdn-4/providers/Microsoft.Cdn/Profiles/CDN-3-Premium/endpoints/custom-endpoint.azureedge.net/purge?api-version=2015-06-01 HTTP/1.1
Content-Length: 90
User-Agent: GuzzleHttp/6.1.1 curl/7.35.0 PHP/7.0.2-2+deb.sury.org~trusty+1
Host: management.azure.com
Authorization: SharedAccessSignature uid=56c6d48a66904d02ce030003&ex=2017-02-19T11:41:00.0000000Z&sn=9wBsmFuP1ps01rt8nVlvsiAIdJMOqNsmGaiXUlfT35RxOvWAjHHcSIQdJA8v9wGvX4bJgX5fu1QyqVG6y9iQ6Q==
Content-Type: application/json

{
    "ContentPaths": [
        "/uploads/static/ads_en.json",
        "/pic2.jpg"
    ]
}

  RESPONSE

  HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
WWW-Authenticate: Bearer authorization_uri="https://login.windows.net/c87x6f33-af21-4461-a5b1-29647d8e9281", error="invalid_token", error_description="The authentication scheme of SharedAccessSignature is not supported."
x-ms-failure-cause: gateway
x-ms-request-id: 3514027b-e731-411c-b8es-cdf77d636284
x-ms-correlation-request-id: 3514137b-e731-411c-b8ee-cdf77d636284
x-ms-routing-request-id: WESTEUROPE:20160219T110919Z:3514037b-e731-411c-b7ee-cdf77d636184
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 19 Feb 2016 11:09:19 GMT
Connection: close
Content-Length: 150

{"error":{"code":"AuthenticationFailedInvalidHeader","message":"Authentication failed. The 'Authorization' header is provided in an invalid format."}}\

Can you suggest the way to solve it?

like image 297
Dmitriy Lezhnev Avatar asked Feb 19 '16 11:02

Dmitriy Lezhnev


People also ask

How do I grant permissions in Azure API?

Select Azure Active Directory > App registrations, and then select your client application. Select API permissions > Add a permission > Microsoft Graph > Application permissions.


1 Answers

Part of the confusion I think is that there are two distinct Azure Management APIs (and nothing to do with Azure API Management).

There is the "Service Management" APIs and the Azure Resource Manager APIs (ARM).

The base URL you are using is for the ARM APIs and they don't use Shared Access Signatures. The best article around on calling the ARM APIs directly is here, http://blog.davidebbo.com/2015/12/calling-arm-using-plain-rest.html

like image 103
Darrel Miller Avatar answered Sep 24 '22 19:09

Darrel Miller