This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 0%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDW%3C/text%3E%3C/svg%3E)
I could not authorize Azure Service Bus with spring-cloud-azure-starter-servicebus. From the log, my app had no problem getting the token, but I got "Unauthorized access. 'Send' claim(s) are required to perform this operation." when I sent the message.
From the same VM, I wrote a test program with azure-identity, which I believe spring-cloud-azure-starter-servicebus also uses DefaultAzureCredential from azure-identity to create a credential. I had similar problems. However, if I explicitly created a ManagedIdentityCredential with the specific client ID, it worked.
I suspect the DefaultAzureCredential picked up the default managed identities (system assigned) that did not require permission. If this is the case, anyway I can specify the one I want?
Try:
TokenCredential managedIdentityCredentialUserAssigned = new ManagedIdentityCredentialBuilder()
.clientId(clientId) // specify client id of user-assigned managed identity.
.build();
Thanks, this was exactly what I had tested (and verified my user assigned manage identity was correct), the problem is I am not sure how to do the same with spring-cloud-azure-starter-servicebus. It created the Credential on its own which I guess uses the system managed identity if it is enabled before consider user assigned manage identity if any.