Get an Azure Active Directory (Azure AD) token and use it to send messages to a Service Bus queue

  • Article

See Authenticate from an application for an overview of getting an Azure Active Directory (Azure AD) token.

This article gives you an example of getting an Azure AD token that you can use to send messages to a Service Bus namespace. It uses the Postman tool for testing purposes.

Prerequisites

Register your app with Azure AD

First step is to register you application with the Azure AD tenant and note down the values of tenant ID, client ID, and client secret. You will use these values latest when testing the REST API using the Postman tool.

  1. Sign in to the Azure portal.

  2. In the search bar, search for Azure Active Directory, and select it from the drop-down list.

    Search for Azure Active Directory and select it

  3. On the Azure Active Directory page, select App Registrations link on the left menu, and then select + New registration on the toolbar.

    Switch to the App registrations page, and select New registration

  4. Enter a name for the app, and select Register.

    Enter a name and select Register

  5. On the home page for the application, note down the values of Application (client) ID and Directory (tenant) ID. You will use these values to get a token from Azure AD.

    Note down client ID and tenant ID

  6. Now, select Certificates & secrets on the left menu, and select + New client secret.

    Switch to Certificates & Secrets page, and select New client secret

  7. Enter a description, select when the secret will expire, and select Add.

    Enter description, select expiry time, and select Add

  8. Select the copy button next to the secret value in the Client secrets list to copy the value to the clipboard. Paste it somewhere. You will use it later to get a token from Azure AD.

    Copy client secret

Add application to the Service Bus Data Sender role

In this example, we are only sending messaging to the Service Bus queue, so add the application to the Service Bus Data Sender role.

  1. On the Service Bus Namespace page, select Access control from the left menu, and then select Add on the Add a role assignment tile.

    Access control -> Add a role assignment

  2. On the Add role assignment page, select Azure Service Bus Data Sender for Role, and select your application (in this example, ServiceBusRestClientApp) for the service principal.

    Add app to the Azure Service Bus Data Sender role

  3. Select Save on the Add role assignment page to save the role assignment.

Use Postman to get the Azure AD token

  1. Launch Postman.

  2. For the method, select GET.

  3. For the URI, enter https://login.microsoftonline.com/<TENANT ID>/oauth2/token. Replace <TENANT ID> with the tenant ID value you copied earlier.

  4. On the Headers tab, add Content-Type key and application/x-www-form-urlencoded for the value.

    Add content-type header

  5. Switch to the Body tab, and add the following keys and values.

    1. Select form-data.

    2. Add grant_type key, and type client_credentials for the value.

    3. Add client_id key, and paste the value of client ID you noted down earlier.

    4. Add client_secret key, and paste the value of client secret you noted down earlier.

    5. Add resource key, and type https://servicebus.azure.net for the value.

      Set body for the request

  6. Select Send to send the request to get the token. You see the token in the result. Save the token (excluding double quotes). You will use it later.

    Access token from Azure AD

Send messages to a queue

  1. In Postman, open a new tab.

  2. Select POST for the method.

  3. Enter URI in the following format: https://<SERVICE BUS NAMESPACE NAME>.servicebus.windows.net/<QUEUE NAME>/messages. Replace <SERVICE BUS NAMESPACE NAME> with the name of the Service Bus namespace. Replace <QUEUE NAME> with the name of the queue.

  4. On the Headers tab, add the following two headers.

    1. Add Authorization key and value for it in the following format: Bearer <TOKEN from Azure AD>. When you copy/paste the token, don't copy the enclosing double quotes.

    2. Add Content-Type key and application/atom+xml;type=entry;charset=utf-8 as the value for it.

      Screenshot of Authorization and Content dash Type selected as Headers in the Service Bus queue.

  5. On the Body tab, select raw for the data type, and enter This is a message or any message for the body.

    Screenshot of the test message in the raw Body view of the Service Bus queue.

  6. Select Send to send the message to the queue. You see the status as Created with the code 201 as shown in the following image.

    Succeeded status

  7. On the namespace page in the Azure portal, you can see that the messages are posted to the queue.

    Messages are posted to the queue

    You can also use the Service Bus Explorer (preview) on the Service Bus Queue page as shown in the following image to receive or peek messages.

    Receive messages using Service Bus Explorer

See Also

See the following articles: