0
votes

I am trying to get the access token for the Azure function app. I have enabled managed identity for the function app (system assigned), but while fetching the token using the NuGet package Azure.Identity:

```csharp
using Azure.Core;
using Azure.Identity;

// Request a token for the API using the default credential chain.
var tokenCredential = new DefaultAzureCredential();
var accessToken = await tokenCredential.GetTokenAsync(
    new TokenRequestContext(scopes: new string[] { "https://xxx.azure-api.net/" + "/.default" }) { }
);
```

I am getting the error.

The resource principal named 'xxx.azure-api.net' was not found in the tenant 123

But when I run the az CLI to check the subscription details, the subscription is indeed part of tenant 123 only.

2
You may be missing the scope, try to change it to: `https://xxx.azurewebsites.net/.default`. - Carl Zhao

I have tried, it's still the same. - threeleggedrabbit

2 Answers

0
votes

You need to register the application in Azure AD and enable the access token. Once that is done, you then need to provide RBAC access to your xxx.azurewebsites.net


Follow this article for the step-by-step documentation: Microsoft Document Reference

0
votes

Here is what I have finally done.

  1. I have registered an app in AD and exposed the API of that app.
  2. I have assigned a System Assigned Managed Identity to the Function.
  3. Locally I am not able to request a token because Azure CLI is not given consent.
  4. After deploying the application in the Function, my Function app can request a token using its identity.
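
The steps in the answer above, as an added example that is not code from the original posts: it requests a token for the registered app's exposed API and prints the `aud` and `tid` claims so you can confirm which resource and tenant the token was issued for. The class name `ApiTokenProbe` is hypothetical and `api://<application-id>` is a placeholder for the Application ID URI of your own app registration.

```csharp
// Added example: ApiTokenProbe is a hypothetical name; AppIdUri is a placeholder.
using System;
using System.Text.Json;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;

public static class ApiTokenProbe
{
    // Placeholder: the Application ID URI set under "Expose an API" for the registered app.
    private const string AppIdUri = "api://<application-id>";

    public static async Task<string> GetApiTokenAsync()
    {
        // Join the resource URI and ".default" with exactly one slash.
        var scope = AppIdUri.TrimEnd('/') + "/.default";
        var credential = new DefaultAzureCredential();
        try
        {
            AccessToken token = await credential.GetTokenAsync(
                new TokenRequestContext(new[] { scope }));
            using JsonDocument claims = DecodePayload(token.Token);
            // Log only non-secret claims, never the token itself.
            Console.WriteLine($"aud={Claim(claims, "aud")} tid={Claim(claims, "tid")} expires={token.ExpiresOn:u}");
            return token.Token;
        }
        catch (CredentialUnavailableException ex)
        {
            // No credential in the chain could run (e.g. no managed identity endpoint locally).
            Console.Error.WriteLine($"No usable credential: {ex.Message}");
            throw;
        }
        catch (AuthenticationFailedException ex)
        {
            // Azure AD rejected the request, e.g. the resource is not registered in the tenant.
            Console.Error.WriteLine($"Token request rejected for scope '{scope}': {ex.Message}");
            throw;
        }
    }
    private static string Claim(JsonDocument doc, string name) =>
        doc.RootElement.TryGetProperty(name, out var v) ? v.ToString() : "(absent)";
    // Decodes the JWT payload (base64url) for inspection only; no signature check is done here.
    private static JsonDocument DecodePayload(string jwt)
    {
        var part = jwt.Split('.')[1].Replace('-', '+').Replace('_', '/');
        part = part.PadRight(part.Length + (4 - part.Length % 4) % 4, '=');
        return JsonDocument.Parse(Convert.FromBase64String(part));
    }
}
```

The decoded claims are for diagnostics on the caller's side; the API receiving the token must still validate its signature, issuer and audience.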