IoT Central REST API servicePrincipal token unauthorized

David Simonov 0 Reputation points
2024-07-18T17:23:41.1766667+00:00

Hello,

I'm trying to allow a Function App to access IoT Central REST API in production. For this I need to create a special servicePrincipal user in IoT Central that will be used to impersonate the App's access.

The userId in the URL I made up from scratch.

When I issue "Create User" REST API call:

https://wqms.azureiotcentral.com/api/users/28d88313-9886-4f97-b3a7-235d17b2d034?api-version=2022-07-31

with body:

{

objectId: "f2c2fb8c-2167-444a-bca1-025047a9defb",

roles: "[{"role": "b4935647-30e4-4ed3-9074-dcac66c2f8ef", "organization":"Vendors"}]",

tenantId: "5e76678e-2917-4c3f-9113-64e089d690c4",

type: "servicePrincipal"

}

I get Unauthenticated Error no matter what I do:

{"error":{"code":"Unauthenticated","message":"The provided authentication token is invalid. You can contact support at https://aka.ms/iotcentral-support. Please include the following information. Request ID: 7j2la19s, Time: Thu, 18 Jul 2024 16:58:50 GMT.","requestId":"7j2la19s","time":"Thu, 18 Jul 2024 16:58:50 GMT"}}

The bearer token I create using:

az account get-access-token --resource https://apps.azureiotcentral.com

Then I put the result token in the "Authorization" header.

What am I doing wrong?

Thanks!

Azure IoT Central
Azure IoT Central
An Azure hosted internet of things (IoT) application platform.
365 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.