HMAC authorization - REST API reference
When HMAC authentication is used, operations fall in to one of two categories, read or write. Read-write access keys grant permission to call all operations. Read-only access keys grant permission to call only read operations. Whether an access key is read-only or read-write is determined by its readOnly property. Any attempt to make a write request with a read-only access key will result in the request being unauthorized.
Obtaining access keys
The specification describing access keys and the API used to obtain them is detailed in the Azure App Configuration resource provider spec here. Access keys are obtained via the "ConfigurationStores_ListKeys" operation.
Errors
HTTP/1.1 403 Forbidden
Reason: The access key used to authenticate the request does not provide the required permissions to perform the requested operation.
Solution: Obtain an access key that provides permission to perform the requested operation and use it to authenticate the request.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for