Share via


Get a Microsoft Entra token and use it send events to an event hub

See Authenticate from an application for an overview of getting a Microsoft Entra token.

This article gives you an example of getting a Microsoft Entra token that you can use to send events to and receive events from an Event Hubs namespace. It uses the Postman tool for testing purposes.

Prerequisites

Register your app with Microsoft Entra ID

First step is to register your application with the Microsoft Entra tenant and note down the values of tenant ID, client ID, and client secret. You use these values latest when testing the REST API using the Postman tool.

  1. Sign in to the Azure portal.

  2. In the search bar, search for Microsoft Entra ID, and select it from the drop-down list.

  3. On the Microsoft Entra ID page, select App Registrations link on the left menu, and then select + New registration on the toolbar.

    Screenshot showing the App Registrations page with New registration link selected.

  4. Enter a name for the app, and select Register.

    Screenshot showing the Register application page.

  5. On the home page for the application, note down the values of Application (client) ID and Directory (tenant) ID. You use these values to get a token from Microsoft Entra ID.

    Screenshot showing the home page with client ID and tenant ID highlighted.

  6. Now, select Certificates & secrets on the left menu, and select + New client secret.

    Screenshot showing the Certificates & Secrets page.

  7. Enter a description, select when the secret will expire, and select Add.

    Screenshot showing the description, select expiry time, and the Add button.

  8. Select the copy button next to the secret value in the Client secrets list to copy the value to the clipboard. Paste it somewhere. You use it later to get a token from Microsoft Entra ID.

    Screenshot showing the client secret button.

Add application to the Event Hubs Data Sender role

In this example, we're only sending messaging to the event hub, so add the application to the Azure Event Hubs Data Sender role.

  1. On the Event Hubs Namespace page, select Access control from the left menu, and then select Add on the Add a role assignment tile.

    Screenshot showing the Access Control page.

  2. On the Add role assignment page, select Azure Event Hubs Data Sender for Role, and select your application (in this example, ServiceBusRestClientApp) for the service principal.

    Screenshot showing the addition of app to the Azure Event Hubs Data Sender role.

  3. Select Save on the Add role assignment page to save the role assignment.

Use Postman to get the Microsoft Entra token

  1. Launch Postman.

  2. For the method, select GET.

  3. For the URI, enter https://login.microsoftonline.com/<TENANT ID>/oauth2/token. Replace <TENANT ID> with the tenant ID value you copied earlier.

  4. On the Headers tab, add Content-Type key and application/x-www-form-urlencoded for the value.

    Screenshot showing the content-type header.

  5. Switch to the Body tab, and add the following keys and values.

    1. Select form-data.

    2. Add grant_type key, and type client_credentials for the value.

    3. Add client_id key, and paste the value of client ID you noted down earlier.

    4. Add client_secret key, and paste the value of client secret you noted down earlier.

    5. Add resource key, and type https://eventhubs.azure.net for the value.

      Screenshot showing the body for the request.

  6. Select Send to send the request to get the token. You see the token in the result. Save the token (excluding double quotes). You use it later.

    Screenshot showing the access token from Microsoft Entra.

Send an event to the event hub

  1. In Postman, open a new tab.

  2. Select POST for the method.

  3. Enter URI in the following format: https://<EVENT HUBS NAMESPACE NAME>.servicebus.windows.net/<QUEUE NAME>/messages. Replace <EVENT HUBS NAMESPACE NAME> with the name of the Event Hubs namespace. Replace <QUEUE NAME> with the name of the queue.

  4. On the Headers tab, add the following two headers.

    1. Add Authorization key and value for it in the following format: Bearer <TOKEN from Microsoft Entra ID>. When you copy/paste the token, don't copy the enclosing double quotes.

    2. Add Content-Type key and application/atom+xml;type=entry;charset=utf-8 as the value for it.

      Screenshot of the Headers tab emphasized in the event hub.

  5. On the Body tab, select raw for the data type, and enter This is a message or any message for the body.

    Screenshot of the test event in the raw Body view in the event hub.

  6. Select Send to send the message to the queue. You see the status as Created with the code 201 as shown in the following image.

    Screenshot showing the succeeded status.

  7. On the namespace page in the Azure portal, you can see that the messages are posted to the queue.

    Screenshot showing the messages that are posted to the queue.

See Also

See the following articles: