The request has both SAS authentication scheme and 'Bearer' authorization scheme. Only one scheme should be used.

Azure / apim-lab

API Management - Hands-on Lab Workshop

https://azure.github.io/apim-lab/

MIT License

74 stars 81 forks source link

The request has both SAS authentication scheme and 'Bearer' authorization scheme. Only one scheme should be used. #106

Closed gwinnem closed 1 year ago

gwinnem commented 1 year ago

Describe the bug

After following JSON Web Token Validation at https://azure.github.io/apim-lab/apim-lab/7-security/apimanagement-7-1-JWT-Validation.html I get this response:

The request has both SAS authentication scheme and 'Bearer' authorization scheme. Only one scheme should be used

To Reproduce Steps to reproduce the behavior: Follow the above lab excersize: Azure Apim Hands On Lab

Expected behavior Http Status code 200 returned but im getting the 401

Chad-Dumas-MSFT commented 1 year ago

I've ran the lab twice without issue. @gwinnem, can you attempt again by copy/paste the payload, enter secret: 123412341234123412341234 in Verify Signature and check 'secret base64 encoded'. From there, copy and paste the inbound policy as shared and run it again? Thanks.

gwinnem commented 1 year ago

Tnxs for the reply. I will try again later today and get back to you.

gwinnem commented 1 year ago

@Chad-Dumas-MSFT The issue was caused by the logic app, and i solved it by adding: `

To the inbound policy. So my config resulted in:

123412341234123412341234

<backend>
    <forward-request />
</backend>
<outbound />
<on-error />