I develop ASP.NET Core 3.1 API and i use in .net standard 2.0
My code located in .net standard project.
nuget version
Azure.Identity : 1.3.0
Azure.Security.KeyVault.Secrets : 4.10
and use DefaultAzureCredential,
but i try to debug, Occured below error.
SharedTokenCacheCredential authentication failed: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS70002: The client does not exist or is not enabled for consumers. If you are the application developer, configure a new application through the App Registrations in the Azure Portal at https://go.microsoft.com/fwlink/?linkid=2083908.
Trace ID: [guid]
Correlation ID: [guid]
Timestamp: 2020-12-29 02:06:23Z
so, i retry to with
new DefaultAzureCredentialOptions { ExcludeSharedTokenCacheCredential = true }
this option, but other error occured.
Service request failed.
Status: 403 (Forbidden)
Content:
{"error":{"code":"Forbidden","message":"Access denied to first party service.\r\nCaller: name=from-infra;tid=f8cdef31-a31e-4b4a-93e4-5f571e91255a;appid=[guid];iss=https://sts.windows.net/f8cdef31-a31e-4b4a-93e4-5f571e91255a/\r\nVault: [KeyVaultName];location=koreasouth","innererror":{"code":"AccessDenied"}}}
Headers:
Cache-Control: no-cache
Pragma: no-cache
x-ms-keyvault-region: koreasouth
x-ms-request-id: REDACTED
x-ms-keyvault-service-version: 1.2.99.0
x-ms-keyvault-network-info: conn_type=Ipv4;addr=211.219.111.149;act_addr_fam=InterNetwork;
X-Powered-By: REDACTED
Strict-Transport-Security: REDACTED
X-Content-Type-Options: REDACTED
Date: Tue, 29 Dec 2020 05:17:58 GMT
Content-Length: 343
Content-Type: application/json; charset=utf-8
Expires: -1
I'm already add my WebApp Application to Access Policy in Keyvault .
What should I do?