Get authorization bearer token for azure management api in data factory

Raj D 581 Reputation points
2021-12-10T21:34:39.78+00:00

Greetings!!!

I am trying to get authorization bearer token for azure management api in data factory. I am using the below url and resource and authentication using msi (Managed Identity).

URL: https://login.microsoftonline.com/common/oauth2/authorize
Resource: https://management.azure.com/
Body: grant_type=client_credentials&resource=https://management.azure.com/

156801-image.png

156765-image.png

I was hoping to see the activity output to be something like below. 

{  
  "access_token": "eyJ0eXAi12ab",  
  "refresh_token": "",  
  "expires_in": "3599",  
  "expires_on": "1506484173",  
  "not_before": "1506480273",  
  "resource": "https://management.azure.com/",  
  "token_type": "Bearer"  
}

But the output I get is entirely different. Could you please guide me where I'm doing wrong.

My output looks something like this 

{  
  "Response": ""  
}
Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
9,600 questions
0 comments
Accepted answer
  1. svijay-MSFT 5,201 Reputation points Microsoft Employee
    2021-12-13T13:56:41.27+00:00

    Hello @Raj D ,

    Thanks for the question and using MS Q&A platform.

    The Managed Identity Authentication eliminates the necessity of generating the Access token

    STEP 1

    You will have grab the identity of the system assigned ADF or create a user assigned identity.

    Add this identity to the resource that you are accessing. For instance if you are accessing the Storage Account from ADF

    You will access the IAM of the Storage account and ADF Identity with Appropriate access.

    157159-image.png

    In the above case, sivjayadf2 is the adf instance at my end.

    STEP2 :

    You will use managed Identity if you are accessing the resource through the ADF Identity

    157212-image.png

    Alternatively, if you are using the user assigned identity, you will have configure the credential.

    157137-image.png

    You could refer this Video here for more information : https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

    Option 2 :

    If you want to generate the OAUTH token. You will have issue the request in the below format : 

    POST /{tenant}/oauth2/v2.0/token HTTP/1.1           //Line breaks for clarity  
Host: login.microsoftonline.com  
Content-Type: application/x-www-form-urlencoded  
  
client_id=535fb089-9ff3-47b6-9bfb-4f1264799865  
&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default  
&client_secret=sampleCredentia1s  
&grant_type=client_credentials

    Here the Client ID and Client Secret service principal.

    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest