Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,194 questions
KeyVault API call error
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 11%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Rahul
21
Reputation points
Hey, I was trying to make an api call using the endpoint of key vaults.
Here's my code:
def get_token():
r = requests.post("https://login.microsoftonline.com/TenantID/oauth2/token",data={"grant_type": "client_credentials","client_secret": "xxxxx","client_id": "xxxxxxx","resource": "https://management.azure.com"})
ret_body = r.json()
return ret_body['access_token']
token = get_token()
headers = {'Authorization': 'Bearer ' + token}
#print(headers)
conn = http.client.HTTPSConnection('management.azure.com')
conn.request("GET", '/subscriptions/xxxxxx/providers/Microsoft.KeyVault/vaults?api-version=2021-11-01-preview', "", headers)
response = conn.getresponse()
key_data = response.read()
key_data = key_data.decode('utf-8')
key_data = json.loads(key_data)
print(key_data)
I haven't written the IDs here, but I have written it on my local code.
This call used to work always until I tried it out again today. This is the output I am getting
{'value': [], 'nextLink': 'https://management.azure.com/subscriptions/xxxxx/providers/Microsoft.KeyVault/vaults?api-version=2021-11-01-preview&$skiptoken=ServiceBased,dGVzdHN0b3x0ZXN0dmF1bHQ2OTA='}
Again, I have removed the subscription while pasting it here. But I've mentioned what happens when I click the link below.
I tried changing the api versions too. Didn't work, I printed the header as well. Nothing was wrong. When I clicked on the "nextLink", this was the error I got.
{"error":{"code":"AuthenticationFailed","message":"Authentication failed. The 'Authorization' header is missing."}}
Is there something wrong with the code? Or has the endpoint somehow changed (highly unlikely)?
{count} votes
-
JamesTran-MSFT 36,541 Reputation points Microsoft Employee2022-03-28T21:55:01.447+00:00 @Rahul
Thank you for your post and I apologize for the delayed response!From your
request.post, it looks like you might have the wrong resource URLhttps://management.azure.com. When requesting an access token from the Azure OAUTH endpoint the resource for all tokens to access a Key Vault ishttps://vault.azure.net(with no trailing slash). For more info.
If you're still having issues after trying "vault.azure.net", please let me know.
Thank you for your time and patience throughout this issue. -
JamesTran-MSFT 36,541 Reputation points Microsoft Employee
2022-03-30T17:12:30.333+00:00 @Rahul
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue? -
Rahul 21 Reputation points
2022-03-31T07:09:21.067+00:00 Hi, No i havent been able to solve this error.
def get_token(): r = requests.post("https://login.microsoftonline.com/TenantID/oauth2/token",data={"grant_type": "client_credentials","client_secret": "xxxxx","client_id": "xxxxxxx","resource": "https://vault.azure.net"}) ret_body = r.json() return ret_body['access_token'] token = get_token() headers = {'Authorization': 'Bearer ' + token} #print(headers) conn = http.client.HTTPSConnection('vault.azure.net') conn.request("GET", '/subscriptions/xxxxxx/providers/Microsoft.KeyVault/vaults?api-version=2021-11-01-preview', "", headers) response = conn.getresponse() key_data = response.read() key_data = key_data.decode('utf-8') key_data = json.loads(key_data) print(key_data)I dont think this is the endpoint for vault.azure.net
-
JamesTran-MSFT 36,541 Reputation points Microsoft Employee
2022-04-06T18:23:07.083+00:00 @Rahul-865
Thank you for following up on this!Can you share the documentation that you're following to implement this, so I can gain a better understanding of your issue?
Sign in to comment