Azure REST API Token

Atomz4peace 11 Reputation points
2021-02-08T19:41:17.733+00:00

I'm trying to use the Azure REST API you see here: https://learn.microsoft.com/en-us/rest/api/azure/ to get things like which users have which azure roles/permissions.

I have an azure AD application registered and working fine with the graph API. I've given it every access I can find but when I try to run the https://management.azure.com calls with that account and token I get Authentication failed.

Can I use that application ID and it's auth token? I have a client id and secret and can auth with https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token. Works great for graph.

How do you get auth to use the management.azure.com endpoint?

Thank you!
Steve

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,909 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 36,481 Reputation points Microsoft Employee
    2021-02-09T23:05:21.773+00:00

    @Atomz4peace
    Thank you for your detailed post! I was able to replicate your issue and will post my findings below.

    REST API:

    GET https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}?api-version=2020-06-01  
    

    Error Message:
    66049-image.png

    Workaround using Postman:
    Use Postman with the Microsoft Graph API - Full documentation
    Azure REST APIs with Postman in 2 Minutes

    66037-managementapis.gif

    Since I wasn't able to figure out how to set the scope to "https://management.azure.com/.default" within Graph Explorer for the AAD token, I ended up using Postman as my workaround for running the managment.azure.com REST API.

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.