Authorizing an Azure REST API Request

Question

I am trying to write a local console application which will swap an Azure Web App slot using the Azure REST API. Using the following code I get a 401 (Unauthorized) response:

public async Task Swap(string subscription, string resourceGroup, string site, string slot) 
{
    var client = new HttpClient();

    var url =
        $"https://management.azure.com/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Web/sites/{site}/applySlotConfig?api-version=2016-08-01";

    var data = new {preserveVnet = true, targetSlot = slot};

    var message = new HttpRequestMessage
    {
        RequestUri = new Uri(url),
        Method = HttpMethod.Post,
        Content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json")
    };

    var response = await client.SendAsync(message);

    Console.WriteLine(response.StatusCode);
}

I know I need to put in some kind of credentials but what I have found seems to apply to apps using Azure AD for authentication. This will be a publicly accessible web app with anonymous authentication.

Please see this for authenticating Azure Resource Manager API authentication: https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-rest-api. — Gaurav Mantri, Dec 28 '17 at 10:11

score 0 · Accepted Answer · answered Dec 28 '17 at 10:12

0

Generally speaking you need to attach a Authorization header to the request with the Auth token. There are numerous ways of getting it, see this link or this.

answered Dec 28 '17 at 10:12

4c74356b41

69,186
6
100
141

score 0 · Answer 2 · answered Dec 28 '17 at 10:54

This is how I managed to do it (using the provided links):

private async Task<string> GetAccessToken(string tenantName, string clientId, string clientSecret)
{
    var authString = "https://login.microsoftonline.com/" + tenantName;
    var resourceUrl = "https://management.azure.com/";

    var authenticationContext = new AuthenticationContext(authString, false);
    var clientCred = new ClientCredential(clientId, clientSecret);
    var authenticationResult = await authenticationContext.AcquireTokenAsync(resourceUrl, clientCred);
    var token = authenticationResult.AccessToken;

    return token;
}

And then in my previous method:

public async Task Swap(string subscription, string resourceGroup, string site, string slot) 
{
    var client = new HttpClient();

    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", await GetAccessToken("XXX", "XXX", "XXX"));

    var url =
            $"https://management.azure.com/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Web/sites/{site}/applySlotConfig?api-version=2016-08-01";

    var data = new {preserveVnet = true, targetSlot = slot};

    var message = new HttpRequestMessage
    {
        RequestUri = new Uri(url),
        Method = HttpMethod.Post,
        Content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json")
    };

    var response = await client.SendAsync(message);

    Console.WriteLine(response.StatusCode);
}

Authorizing an Azure REST API Request

2 Answers2