Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
431 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We need to exchange the AAD token for ACR refresh token. The code snippet we are currently using is fetching the AAD access token with the scope https://management.azure.com/.default
. Can someone please confirm if this is the recommended scope for our use case? Below is the snippet we are using:
cred, err := azidentity.NewManagedIdentityCredential(nil)
ctx2 := context.Background()
aadToken, err := cred.GetToken(ctx, policy.TokenRequestOptions{
Scopes: []string{"https://management.azure.com/.default"}})
tenantId := "xxx"
acrService := "xxx.azurecr.io"
formData := url.Values{
"grant_type": {"access_token"},
"service": {acrService},
"tenant": {tenantId},
"access_token": {aadToken.Token},
}
jsonResponse, err := http.PostForm(fmt.Sprintf("https://%s/oauth2/exchange", acrService), formData)