System-assigned managed identity to request an access token

Chunhui You 0 Reputation points Microsoft Employee
2024-05-30T17:44:09.3333333+00:00

I have an Azure Function app, calls Azure text translate service restful API endpoint. https://api.cognitive.microsofttranslator.com/translate?api-version=3.0&to=zh Now I want to use the system assigned managed identity to request an access token and use that token to authenticate (bearer token in http header). However, I got an error below. Here is my code to request access token. Does anyone have clue?
var azureServiceTokenProvider = new DefaultAzureCredential(options);

            AccessToken accessToken = await azureServiceTokenProvider.GetTokenAsync(new TokenRequestContext(new[] { "https://api.cognitive.microsofttranslator.com/.default" }));
Failed to translate. The exception is: Azure.Identity.AuthenticationFailedException: ManagedIdentityCredential authentication failed: Service request failed.
Status: 500 (Internal Server Error)

Content:
{"statusCode":500,"message":"An unexpected error occured while fetching the AAD Token.","correlationId":"3588c043-9b25-471f-b7b6-415905a000f0"}

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,520 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,228 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Luis Arias 5,601 Reputation points
    2024-06-13T19:28:24.4466667+00:00

    Hello Chunhui You,

    It looks like you are trying to use the system assigned identity to get the access token to use on the Azure AI service API call. Like this example:

    https://learn.microsoft.com/en-us/azure/ai-services/translator/document-translation/how-to-guides/create-use-managed-identities

    First I suggest to verify the endpoint url and the procedure itself, here an example using Service principal that also can help you to setup your call on function app:

    https://learn.microsoft.com/en-us/azure/ai-services/authentication?tabs=powershell#sample-request

    You can follow this documentation:

    Please take a look on the information shared and reach out again if you need more assistance.

    Luis

    0 comments No comments