Azure-sdk-for-go: graphrbac.ServicePrincipalsClient - Failure responding to request: StatusCode=401

Created on 22 Oct 2019  路  5Comments  路  Source: Azure/azure-sdk-for-go

Bug Report

Hello,

When using the GraphRBAC API I always receive the error: 

graphrbac.ServicePrincipalsClient#List: Failure responding to request: StatusCode=401 -- Original Error: autorest/azure: Service returned an error. Status=401 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."}}}]

Here is the code that creates this:

package main

import (
    "context"
    "fmt"
    "os"

    "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
    "github.com/Azure/go-autorest/autorest/azure/auth"
)

func main() {
    // Create Context handler
    ctx := context.Background()

    // Service Principal Client
    spClient := graphrbac.NewServicePrincipalsClient(os.Getenv("AZURE_TENANT_ID"))

    authorizer, err := auth.NewAuthorizerFromEnvironment()
    if err == nil {
        spClient.Authorizer = authorizer
    } else {
        panic(err)
    }

    client, err := spClient.List(ctx, "")
    fmt.Printf("%v\n", client)
    fmt.Printf("%v", err)
}

I am expecting to be able to query Azure AD via this SDK.

ARM - RBAC Mgmt Service Attention customer-reported
Source
picture seviourl

Most helpful comment

The problem here is that the resource ID for the authorizer is incorrect; it should be the graph resource ID (the default is the resource manager ID).

authorizer, err := auth.NewAuthorizerFromEnvironmentWithResource(azure.PublicCloud.ResourceIdentifiers.Graph)

Taken from the example code here.

picture jhendrixMSFT on 28 Oct 2019
👍3

All 5 comments

Hi @jhendrixMSFT would you please check on this? Seems something wrong with authorization or something wrong with the service.

ArcturusZhang picture ArcturusZhang on 28 Oct 2019

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @armleads-azure

msftbot[bot] picture msftbot[bot] on 28 Oct 2019

The problem here is that the resource ID for the authorizer is incorrect; it should be the graph resource ID (the default is the resource manager ID).

authorizer, err := auth.NewAuthorizerFromEnvironmentWithResource(azure.PublicCloud.ResourceIdentifiers.Graph)

Taken from the example code here.

jhendrixMSFT picture jhendrixMSFT on 28 Oct 2019
👍3

Issue closed, after changing the authorizer I can successfully authenticate with the Graph API.

Thanks @jhendrixMSFT

seviourl picture seviourl on 29 Oct 2019

Thanks for working with Microsoft on GitHub! Tell us how you feel about your experience using the reactions on this comment.

msftbot[bot] picture msftbot[bot] on 29 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mbfrahry picture mbfrahry  路  4Comments
tombuildsstuff picture tombuildsstuff  路  4Comments
yannart picture yannart  路  3Comments
pmcatominey picture pmcatominey  路  3Comments
ncw picture ncw  路  4Comments