Closed jaxidian closed 7 months ago
FYI, I have tried changing my code to directly use ManagedIdentityCredential
and, once deployed, it returns the same behavior. The problem seems related to that and not specific to the DefaultAzureCredential
abstraction.
Hi @jaxidian. Thanks for reaching out and we regret that you're experiencing difficulties. The error that you're seeing indicates that the managed identity endpoint on the Azure Functions host machine is experiencing an error when processing the request. This is not anything that you've done wrong in your code. Unfortunately, it is also not something that the Azure.Identity
library has insight into nor influence over.
I've transferred this to the Azure Functions Host repository as #9884 so that the folks best able to assist have visibility.
@jsquire Thanks for this clarification and for reposting the issue in the Functions Host repo.
Do you believe this is an app/library problem with what we're deploying (I understand it's not the Azure.Identity
library) or do you believe this is an Azure service issue with what's hosting this and nothing I deploy is likely to work? I just want to make sure I focus my efforts down the correct path based on your understanding. Based on your description of "the managed identity endpoint on the Azure Functions host machine is experiencing an error", I can't tell if you mean the error is manifesting itself within the host service or if some other dependency is causing the error. "I don't know" is an okay answer, of course.
@jaxidian: I don't have enough understanding of how the functions host stands-up its managed identity endpoint to say authoritatively, but I very seriously doubt that there's anything you could do in the application to trigger an HTTP 500 response from the endpoint. Anything in the 500 range generally means "it's not you, it's us" - using that as the basis, my best guess is that this is a problem with the host environment.
Library name and version
Azure.Identity 1.10.4
Query/Question
The Problem
I am attempting to have one Azure Function call another Azure Function with Azure API Management in the middle. I'm getting an exception on the
GetTokenAsync
call:The call to APIM is protected via OAuth and we've had this functional for some months with various clients (who were not me). My call to try to consume this is pretty simple:
Additional Information
AZURE_TENANT_ID
,AZURE_CLIENT_ID
, andAZURE_CLIENT_SECRET
to trigger theDefaultAzureCredential
's functionality to pull environment variables for authentication. This works.What's causing this? I expected this to "just work", or at least give me a permissions error. I think I've eliminated networking errors and other tangential problems that I'm aware of. Am I missing something?
All of my Nuget packages are as updated as I can have them be (to stable versions, anyway):
The stack trace looks like this:
Note: I've also posted this on StackOverflow.
Environment
Azure Functions, v4, isolated, Premium V2