Fetching the TenanId for a subscription from Azure Active Directory

Question

I have a requirement, where I needed to fetch the tenantDirectoryId for a given subscription. I could find a rest get api https://management.azure.com/subscriptions/[subscription]/versions...

The error response to this gave the tenant directory.

Is there any better way to fetch directory for a subscriptionId.

Well.. since you are able to call the API I assume you have an access token. The token contains a tid claim which is the tenant id. — juunas
I am getting access token with my appId and hitting to common AAD directory. While getting access token, subscriptionId is never passed. — Nishant
Did you check the token? If you are able to use it, it must contain the tenant id. — juunas
It contains tokenId which is an identifier for the tenant the token was acquired from. But my requirement is to know the tokenId for any random subscription. — Nishant
The api mentioned in your question is : https://management.azure.com/subscriptions/<subscription id>?api-version=2014-04-01 ? — Joy Wang

Marilee Turscak - MSFT Marilee Turscak - MSFT · Accepted Answer · 2018-08-02T00:15:11

As of now (06/07/2018), an easy approach would be running az account show in the Azure Cloud Shell (requires a Storage Account) in the Azure Portal.

--- Command ---

az account show

--- Command Output ---

{
  "environmentName": "AzureCloud",
  "id": "{Subscription Id (GUID)}",
  "isDefault": true,
  "name": "{Subscription Name}",
  "state": "Enabled",
  "tenantId": "{Tenant Id (GUID)}",
  "user": {
    "cloudShellID": true,
    "name": "{User email}",
    "type": "user"
  }
}

See this doc for more details on Azure Cloud Shell: https://docs.microsoft.com/en-us/azure/cloud-shell/overview

Fetching the TenanId for a subscription from Azure Active Directory

2 Answers