2

I am creating availability test for Azure APIs in Application Insights but these test are failing because of unauthorised access. It says JVT validation failed since token is not present.

When I test the same from developer portal and generate token. It works fine there. But I am not able to the same from portal.

I referred to this thing: https://learn.microsoft.com/en-gb/azure/azure-monitor/app/monitor-web-app-availability

Ashish Bhahradwaj
  • 21
  • 1
  • Are you using app service auth or are you doing auth in your app (ie `Authorize` attribute) ? – Thomas Jun 24 '19 at 09:49
  • We are doing this way https://winterdom.com/2017/11/09/oauth2-apimanagement. For the APIs, where we are not adding 'validate-jwt' policy, availability test in app insights is working fine but other are breaking because of auth issue – Ashish Bhahradwaj Jun 24 '19 at 09:59
  • So you have ip restriciton between APIM and your backend and you re only checking OAuth token at the APIM level ? – Thomas Jun 24 '19 at 10:06
  • So how would you want your API to behave when token is not present? Should it still process request? That would not be safe, that is the point of validating JWT at all. Should it check something else to decide whether to let request pass or not? What then? – Vitaliy Kurokhtin Jun 24 '19 at 23:13

1 Answers1

0

I don't think it is possible for you to acquire the bearer token from the token endpoint while calling from the portal availability test. One alternative is to write a timer triggered Azure function and log the outcome to AppInsights and then alert based on your threshold. Within Azure function, you can call the token endpoint, acquire the token and then call the API endpoint by passing the token.

Reference link - https://learn.microsoft.com/en-gb/azure/azure-monitor/app/availability-azure-functions

Subhendu De
  • 25
  • 5