Cannot generate Access Token via API, but can thorught the portal.

IB Product 1 Reputation point
2022-04-05T01:32:39.377+00:00

I cannot generate the access tokens as it keeps returning :

{
"ErrorType": "USER_NOT_REGISTERED",
"Message": "User is not registered to APIM. Trace id: '37fac28d-46da-44ad-affa-e80fd39047b5'."
}

With the same account via the portal, I can generate the access tokens.

All other apis - upload, index, etc work with the same subscription key, account ID and region (with the generated Access Token via portal)
But I cannot seem to generate the access token via API

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,871 questions
{count} votes

1 answer

Sort by: Most helpful
  1. MayankBargali-MSFT 69,926 Reputation points
    2022-04-07T04:02:15.01+00:00

    @IB Product Thanks for reaching out. Can you please confirm if the issue is specific to a particular user? Assuming that you have passed the right value and already validate it to generate the Access Token via API. If not then please revalidate it and let me know if you need any help in validating it.

    If the request is correctly built but you are still getting the error then It looks like that user in APIM DB is registered/or it got changed with a different Object ID than the OID in Azure AD. Can you please validate whether the OID in APIM DB is the same as OID in Azure AD.

    If the OID value is different then I will suggest you to update the user identity in the APIM DB with the new OID that you see in Azure AD. APIM admin can use Create or Update REST API to update the user identity in the APIM DB. That will essentially migrate the user (including all their subscription keys etc.).

    PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/users/{userId}?api-version=2021-08-01

    {  
      "properties": {  
            "email": "<<youruseremailID>>",  
           "identities": [  
              {  
                "provider": "Aad",  
                "id": "<<same OID from azure AD>>"  
              }  
           ]  
      }  
    }  
    
    0 comments No comments