Share via

Azure Functions can't load the proper managed identity to receive message from Service Bus

Yifan Du 75 Reputation points Microsoft Employee
2024-06-26T16:43:33.3933333+00:00

I made the change based on this instruction to use managed identity to receive message from service bus https://learn.microsoft.com/en-us/azure/azure-functions/functions-identity-based-connections-tutorial-2, but seeing errors of "Unable to load the proper Managed Identity."

Here is what I did for the configuration:

  1. Added ServiceBusConnection__fullyQualifiedNamespace and was able to see it in the error log.
  2. Assigned managed identity (Azure Function) role of Azure Service Bus Data Receiver in Service Bus namespace.
  3. In the function trigger in code, added [ServiceBusTrigger("mytopic", "mysub", Connection = "ServiceBusConnection")

The error is

mytopic/Subscriptions/mysub-xxx: ReceiveBatchAsync Exception: Azure.Identity.AuthenticationFailedException: ManagedIdentityCredential authentication failed: Service request failed. Status: 400 (Bad Request)

Content: {"statusCode":400,"message":"Unable to load the proper Managed Identity.","correlationId":"xxx..."}

at Azure.Identity.ManagedIdentitySource.HandleResponseAsync(Boolean async, TokenRequestContext context, HttpMessage message, CancellationToken cancellationToken) at Azure.Identity.ManagedIdentitySource.AuthenticateAsync(Boolean async, TokenRequestContext context, CancellationToken cancellationToken) at Azure.Identity.ManagedIdentityClient.AuthenticateCoreAsync(Boolean async, TokenRequestContext context, CancellationToken cancellationToken) at Azure.Identity.ManagedIdentityClient.AppTokenProviderImpl(AppTokenProviderParameters parameters) at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.SendTokenRequestToAppTokenProviderAsync(ILoggerAdapter logger, CancellationToken cancellationToken) at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.GetAccessTokenAsync(CancellationToken cancellationToken, ILoggerAdapter logger) at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.ExecuteAsync(CancellationToken cancellationToken) at Microsoft.Identity.Client.Internal.Requests.RequestBase.<>c__DisplayClass11_1.<

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,399 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yifan Du 75 Reputation points Microsoft Employee
    2025-02-03T15:23:40.0133333+00:00

    I made it work by adding <CONNECTION_NAME_PREFIX>__credential and <CONNECTION_NAME_PREFIX>__clientId mentioned in this document learn.microsoft.com/en-us/azure/azure-functions/…

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.