我对微软分散的文档有点困惑。
我创建了一个应用程序(https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal),这意味着我现在有:
我已进入Azure Portal中的KeyVault,并且已授予应用程序权限。
出于测试目的,我尝试通过 CURL 运行测试。我为此使用的基础是以下 Microsoft 页面(https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-service-to-service#request-an-access-token https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-service-to-service#request-an-access-token and https://learn.microsoft.com/en-us/rest/api/#create-the-request https://learn.microsoft.com/en-us/rest/api/#create-the-request)
因此,我做的第一件事是通过以下调用获取令牌:
curl -d "grant_type=client_credentials&client_id=<removed_for_security>&client_secret=<removed_for_security>" https://login.microsoftonline.com/<removed_for_security>/oauth2/token
这会返回一个令牌。
然后我(尝试)按如下方式使用该令牌:
curl -H "Authorization: Bearer <removed_for_security>” -vv https://<removed_for_security>.vault.azure.net/secrets/<removed_for_security>/<removed_for_security>
我没有收到任何内容,只是“HTTP/1.1 401 Unauthorized”
您需要指定您请求令牌的资源。
curl -d "grant_type=client_credentials&client_id=<removed_for_security>&client_secret=<removed_for_security>&resource=https://vault.azure.net" https://login.microsoftonline.com/<removed_for_security>/oauth2/token
并添加 api 版本。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
