ManagedIdentityCredential authentication failed in AzureChina when starting from function app
- Package Name: @azure/identity
- Package Version: 3.1.1
- Operating system:
- nodejs
- version: azure function app v4
Describe the bug
I have a function app that queries data from Log Analytics. For Azure Public everything works fine, but in Azure China I’m getting the error:
Result: Failure
Exception: ManagedIdentityCredential authentication failed. Status code: 500
More details:
undefined Status code: 500
More details:
undefined
Stack: AuthenticationError: ManagedIdentityCredential authentication failed. Status code: 500
More details:
undefined Status code: 500
More details:
undefined
at ManagedIdentityCredential.getToken (/home/site/wwwroot/node_modules/@azure/identity/dist/index.js:2276:19)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async tryGetAccessToken (/home/site/wwwroot/node_modules/@azure/core-rest-pipeline/dist/index.js:1994:32)
at async beginRefresh (/home/site/wwwroot/node_modules/@azure/core-rest-pipeline/dist/index.js:2002:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/home/site/wwwroot/node_modules/@azure/core-rest-pipeline/dist/index.js:2125:25)
at async Object.sendRequest (/home/site/wwwroot/node_modules/@azure/core-rest-pipeline/dist/index.js:2176:13)
at async AzureLogAnalytics.sendOperationRequest (/home/site/wwwroot/node_modules/@azure/core-client/dist/index.js:1920:33)
at async getRawResponse (/home/site/wwwroot/node_modules/@azure/monitor-query/dist/index.js:2628:26)
at async /home/site/wwwroot/node_modules/@azure/monitor-query/dist/index.js:2570:51
at async Object.withSpan (/home/site/wwwroot/node_modules/@azure/core-tracing/dist/index.js:140:28)
The function app is deployed in Azure China and wants to query a Log Analytics workspace in Azure China. The app has a principal id, which has the needed rights to access the Log Analytics workspace. The code for the logs query looks like this:
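const { DefaultAzureCredential, AzureAuthorityHosts } = require("@azure/identity");
const { LogsQueryClient } = require("@azure/monitor-query");
const credential = new DefaultAzureCredential({ authorityHost: AzureAuthorityHosts.AzureChina });
const logsQueryClient = new LogsQueryClient(credential);
const result = await logsQueryClient.queryWorkspace(...)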
Instead of DefaultAzureCredential I also tried ManagedIdentityCredential, but with the same 500 error.
To Reproduce
Steps to reproduce the behavior:
- Deploy function app in Azure China with a LogsQueryClient to access a Log Analytics workspace also in Azure China
- Use client as described above
- Trigger Function App and check if the call was successful
Issue Analytics
- State:
- Created 10 months ago
- Comments:9 (5 by maintainers)
I figured it out, the problem is that you have to set the endpoint in the LogsQueryClient as well as the authorityHost in the credential options:
Thanks @KarishmaGhiya for your support!
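The fix described in the comment above, as an added example that is not code from the issue or from the SDK: it builds matching credential and LogsQueryClient options for one cloud and checks at startup that the authority host and the Logs endpoint belong to the same cloud. The function names, the `CLOUDS` table, and the endpoint and audience values are assumptions that do not appear on this page; verify them against your cloud's documentation.

```javascript
// Added example, not code from the issue. Endpoint/audience values are
// assumptions to verify against your cloud's documentation.
const CLOUDS = {
  public: {
    authorityHost: "https://login.microsoftonline.com", // AzureAuthorityHosts.AzurePublicCloud
    logsEndpoint: "https://api.loganalytics.io/v1",
    hostSuffixes: [".microsoftonline.com", ".loganalytics.io"],
  },
  china: {
    authorityHost: "https://login.chinacloudapi.cn", // AzureAuthorityHosts.AzureChina
    logsEndpoint: "https://api.loganalytics.azure.cn/v1",
    hostSuffixes: [".chinacloudapi.cn", ".azure.cn"],
  },
};

// Map a URL to the cloud whose host suffix it carries, or null if unknown.
function cloudOf(url) {
  const host = "." + new URL(url).hostname.toLowerCase();
  for (const [name, c] of Object.entries(CLOUDS)) {
    if (c.hostSuffixes.some((s) => host.endsWith(s))) return name;
  }
  return null;
}

// Build matching options for the credential and for LogsQueryClient.
function optionsFor(cloud) {
  const c = CLOUDS[cloud];
  if (!c) throw new Error(`unknown cloud: ${cloud}`);
  const origin = new URL(c.logsEndpoint).origin;
  return {
    credentialOptions: { authorityHost: c.authorityHost },
    clientOptions: { endpoint: c.logsEndpoint, audience: `${origin}/.default` },
  };
}

// Startup check: an omitted endpoint is treated as the public default (assumption).
function checkConsistency(authorityHost, endpoint) {
  const effective = endpoint ?? CLOUDS.public.logsEndpoint;
  const authCloud = cloudOf(authorityHost);
  const apiCloud = cloudOf(effective);
  const ok = authCloud !== null && authCloud === apiCloud;
  return { ok, authCloud, apiCloud, endpoint: effective };
}

// Usage with the SDK (requires @azure/identity and @azure/monitor-query):
//   const { credentialOptions, clientOptions } = optionsFor("china");
//   const credential = new DefaultAzureCredential(credentialOptions);
//   const logsQueryClient = new LogsQueryClient(credential, clientOptions);
```

Calling `checkConsistency` with the China authority host and no endpoint reproduces the configuration from the issue and reports the mismatch before any token request is made.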
I suspect this is an issue with the wrong endpoint. Let me get back to you on this.