How to upgrade Video Analyzer for Media from Trial to Unlimited

Scott Chacon 6 Reputation points
2022-01-24T06:52:58.17+00:00

Here is a short story about trying to get the Azure Video Analyzer for Media API to work. At all. Long story short: I cannot do it.

Trial Account

Basically, I started here at the aptly named “Tutorial: Use the Video Analyzer for Media API” page:

https://learn.microsoft.com/en-us/azure/azure-video-analyzer/video-analyzer-for-media-docs/video-indexer-use-apis#obtain-access-token-using-the-authorization-api

I was eventually able to get a subscription to the Analyzer API created and get my keys and do the first call with this Ruby code:

apiUrl = "https://api.videoindexer.ai"  
apiKey = "<my api key>"   
accountId = "<my account id>"   
location = "eastus"  
   
accessTokenUrl = "#{apiUrl}/auth/#{location}/Accounts/#{accountId}/AccessToken?allowEdit=true"  
   
request = {}   
request["Ocp-Apim-Subscription-Key"] = apiKey   
   
ap response = HTTPX.get(accessTokenUrl, headers: request)   
ap response.body.to_s   

Whew. There were some hiccups, but right now I don’t care, I eventually got it to work.

However, now my user that was created for this has a limit of 600 minutes, it’s a trial account. OK, so I should just be able to put in a credit card and start paying for usage right? Nope-edy-nope-nope.

Trial to “Unlimited” User

Luckily there is a big “+ Create Unlimited Account” button there and you can click on it and looks pretty easy:

167654-cleanshot-2022-01-23-at-2022072x.png

OK, so I re-sign into the same account I was just in and land in the Azure portal, directly on the page to create the Video Analyzer service. Awesome.

167692-cleanshot-2022-01-23-at-2025502x.png

OK, now I need to know what a “Resource Group”, “Media Account” (new or existing classic), “Resource Name”, “Media Services Account” (apparently different from Media account), and “Managed Identity” is. Some of these allow dashes, some do not. Some fields need it to be globally unique name but don’t tell you that until after you try to create it, which is awesome. But whatever, eventually I created names for all of these things that it was happy with and I got my Video Analyzer for Media resource deployed (and all of these other things too).

167693-cleanshot-2022-01-23-at-2030192x.png

Whew. OK. Just want the one API, but whatever.

So now I look at my new resource and there is a link to explore it in the Portal. Back to the portal we go!

167682-cleanshot-2022-01-23-at-2031352x.png

Except back at the portal, nothing has changed. Still says “Trial”. Still prompts me to create an unlimited account.

167674-cleanshot-2022-01-23-at-2037442x.png

So I click on “Create Unlimited Account” again, but I get a slightly different popup. I think it’s because it sees me as being logged in again.

Side note. I have had to log into MS like 400 times at this point. It keeps asking me to do it. Also have to choose each time between an AAD Account or Personal account, or, weirdly, Google, like I know what the difference is. Also AAD and Personal work for the same account, which we’ll get to later.

167701-cleanshot-2022-01-23-at-2037092x.png

OK, so I see this screen

167547-cleanshot-2022-01-23-at-2023322x.png

Now, if I click on “Create account in the Azure Portal” it takes me to the same screen to create a new resource. I assumed that it would somehow see that this is the same user using the VAfM portal and the Azure portal and like link the accounts (ARM or something?) but it does not.

But! Never fear, there is a “Classic” account I can make and I can do it by switching to manual configuration. No problem, we’ll do it manually.

167702-cleanshot-2022-01-23-at-2038592x.png

OMFG. What is any of this?

Don’t worry, I’m a seasoned veteran of computing and APIs and I can probably figure this out. A bunch of these say “Media Service” and I can find what I think fits in these fields under the “Media Service” resource that was created for me.

167548-cleanshot-2022-01-23-at-2041022x.png

167711-cleanshot-2022-01-23-at-2042132x.png

One fun thing here is the Azure Active Directory tenant, which is not listed anywhere under any of the resources, but is almost under the Settings tab (it’s only partially shown and also referred to as “Domain” rather than “tenant”, but why should consistent terminology matter?) So I just searched for “active” and there are several (AD Priv Identity Management, Azure Active Directory, B2C Tenants (which does use the word “tenant”), etc).

167655-cleanshot-2022-01-23-at-2043312x.png

Luckily, “Azure Active Directory” has my “tenant”. But of course it’s called “Primary Domain”.

167703-cleanshot-2022-01-23-at-2043412x.png

OK, now I’m left with this fun puzzle:

167683-cleanshot-2022-01-23-at-2046022x.png

Now what could an “Application” be? That’s incredibly vague. I’ve just created at least 5 “resources” (Managed Identity, VA4M, Media Service, Storage Account and Streaming Endpoint), plus a resource group. VA4M seems like an application but I can’t find anything like an ID and key there.

So I went back to Media Services and found a sidebar entry (below the fold) called “API Access”. I want API access to VA4M, but maybe that’s under Media Services?

167712-cleanshot-2022-01-23-at-2048512x.png

OK, now we need to decide if it’s “User Authentication” Or “Service Principal Authentication” that we want. I guess it’s SPA because I guess we’re “middle-tier”.

167684-cleanshot-2022-01-23-at-2050012x.png

But also, we have something that looks like an App and Secret! Huzzah! It didn’t exist, but there is a “Create New” button, so I think we can make it exist. Also, I have no idea what AAD is, but one of the A’s probably stands for “App” and we need an App ID.

We click on “Create New” and choose a name and it creates the App. Then we click “Create New” under Secret and create a new Secret. (Also of note, this is all a guess, because the Form, as you will remember, asks us for “Application ID” and “Application Key”, where this has none of those terms).

167704-cleanshot-2022-01-23-at-2054072x.png

OK, created. I take my new AAD app name (supposing that it’s the ID) and the Secret and use it as the Application ID and Key.

Wah Wah. Does not work. Do you know why? Because the “AAD app” that I created actually creates a Client ID in the background but does not show it to you. Awesome.

To see the actual client id you need to use in the form, you have to click on “Select” next to the AAD app you just created and then click on “All Applications” to see the Client ID next to the Name of the new application you just made. Also remember, “ClientId” here maps to “Application ID” in the VA4M Portal form, and “Secret” is the “Application Key”.

167645-cleanshot-2022-01-23-at-2057152x.png

OK, now putting all that into the portal form will connect our “Classic account” to our VA4M portal account under the “Manual” way. Boom!

167685-cleanshot-2022-01-23-at-2101222x.png

No more limit. But wait, there is still a “Trial” account associated here. Oh well, probably no big deal. I’m sure we can just use the new Account ID and a new Primary Key to access the account without limits, right?

❯ ruby az_analyze_video.rb    
#&lt;Response:70272846589760 HTTP/1.1 @status=401 @headers={&#34;transfer-encoding&#34;=&gt;[&#34;chunked&#34;], &#34;content-type&#34;=&gt;[&#34;application/json&#34;], &#34;x-ms-request-id&#34;=&gt;[&#34;bf541fe9-4944-42c8-af37-f5fb843460ef&#34;], &#34;x-content-type-options&#34;=&gt;[&#34;nosniff&#34;], &#34;strict-transport-security&#34;=&gt;[&#34;max-age=31536000&#34;], &#34;access-control-allow-credentials&#34;=&gt;[&#34;true&#34;], &#34;date&#34;=&gt;[&#34;Sun, 23 Jan 2022 20:03:36 GMT&#34;], &#34;connection&#34;=&gt;[&#34;close&#34;]} @body=129&gt;   
&#34;{\&#34;ErrorType\&#34;:\&#34;USER_NOT_REGISTERED\&#34;,\&#34;Message\&#34;:\&#34;User is not registered to APIM. Trace id: &#39;f87e923b-e266-4a71-add2-adc85c875a1f&#39;.\&#34;}&#34;   

Nope. The user key I have is linked to the “Trial” account. But it created a new account with the same email address, so if you try to go back to the Products tab to get a new service key by subscribing to the Authorization API, it gives me:

167550-cleanshot-2022-01-23-at-2105472x.png

LOL

OK, now I have two mirrored accounts that conflict with each other in a way that I cannot fix. I can’t get a new Primary/Secondary key for the AAD user because it conflicts with my Personal User because it created it off the Personal user.

But luckily there is a way to fix it. It says right here “if you have two users with the same email, you can delete your Developer Portal account and register again”. Great solution. Ok, let’s do that.

167676-cleanshot-2022-01-23-at-2108582x.png

Great. So 3 months from now that pending delete will go through and I will maybe be free to log in with my other AAD account and generate an access key and use the API?

Azure Media Services
Azure Media Services
A group of Azure services that includes encoding, format conversion, on-demand streaming, content protection, and live streaming services.
317 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Manish Mudgal 1 Reputation point
    2022-06-27T10:20:11.753+00:00

    Here is how you do it

    1. Go to Azure Active Directory service (User the search bar in your azure portal)
    2. Left pane --> Custom domain. Check if there is already a domain registered. Azure provide a default domain xxxxxxxx.onmicrosoft.com
    3. Create a user from the left pane in AD it will finally be an email id password user like somename@xxxxxxxx.onmicrosoft.com
    4. Add this user as an owner in your subscription(Just to validate the point. Later you would like to assign a more appropriate role)
    5. Go to videoindexer.ai page in a new tab. Login with AD. Login with somename@xxxxxxxx.onmicrosoft.com which you created in step #3.
    6. Click -Create unlimited account. Perform the steps you already know to enter the details manually.
    7. Now your classic account is ready
    8. Click the button to link it with ARM account. This will take you to your azure portal where you will create a videoIndexer account. Since your MediaService is already linked with the classic account, both mediaservice and your classic account will already be picked.
    9. You are done. Validate it by comparing both account ids on video indexer website and azure portal. Should be exactly same.
    10. Pro tip: Dont forget to check top right if the correct account is selected. By default it would be the trial one so dont get confused.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.