Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
AzureCredentialsFactory.FromUser needs documentation/examples
See original GitHub issueI want to use .NET (F#) to manage Azure, instead of having to use Powershell or the Azure CLI or the Azure portal, and I want to do it as myself with my own permissions instead of having to set up a service principal that has the same permissions as me. It looks like AzureCredentialsFactory.FromUser may be what I’m looking for, but I must be using it wrong because it throws an auth exception. Here’s my script snippet:
let myClientId = "4aa4d595-fdf3-4271-a995-ba13a7f60f0c" // ApplicationID from Azure portal, see screenshot
let cred = SdkContext.AzureCredentialsFactory.FromUser("maxw@microsoft.com", pwd, myClientId, mytenantId, AzureEnvironment.AzureGlobalCloud)
let azure = Azure.Configure().Authenticate(cred)
printfn "%A" <| azure.ActiveDirectoryUsers.GetByName("coworker@microsoft.com")
Expected: some information about my coworker.
Actual: GetByName() throws authentication exception
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper.<GetResponseSyncOrAsync>d__2.MoveNext()
...
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Azure.Management.ResourceManager.Fluent.Core.Extensions.Synchronize[TResult](Func`1 function)
at Microsoft.Azure.Management.Graph.RBAC.Fluent.ActiveDirectoryUsersImpl.Microsoft.Azure.Management.ResourceManager.Fluent.Core.CollectionActions.ISupportsGettingByName<Microsoft.Azure.Management.Graph.RBAC.Fluent.IActiveDirectoryUser>.GetByName(String name)
at Program.main(String[] argv) in d:\code\rse\azureManagement\azureManagement\azMan\Program.fs:line 32
Firstly, what is the correct usage? Secondly, why doesn’t Authenticate() throw instead of waiting for the GetByName() call before throwing?
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Thanks for the explanation of the .FromUser failure from 2FA.
Are there any examples of using .FromDevice()? I’m not sure what form Func<DeviceCodeResult, bool> is supposed to take.
My device is just a regular Windows 10 desktop machine.
This is due to the 2FA requirement in Microsoft tenant.
AzureCredentialsFactory.FromUseronly works if 2FA is not turned on in the directory.Authenticate()does not actually make a REST call no matter how much the method name tells otherwise. A token is acquired on the wire when a first REST call is made, and once every hour afterwards.