search

mikhailshilkov / mikhailio-hugo

Sources of https://mikhail.io migrated to Hugo
MIT License
12 stars 8 forks source link

Comments to "How Azure CLI Manages Your Access Tokens" #14

Open mikhailshilkov opened 5 years ago

mikhailshilkov commented 5 years ago

Add your comment to How Azure CLI Manages Your Access Tokens. The comments will be displayed directly on the website page.

hbknjr commented 5 years ago

Hey there, Its a nice blog. But can you help me with azure cli.

I am working with azure's python sdk which uses the cli based authentication. Since I am required to use multiple accounts the set-up works perfectly in Linux by creating muliple users and calling python script.

I want similar result in windows but without the overhead of creating multiple users in windows. Is there way to do that like specifying the .azure directory manually while trying to authenticate with CLI. I tried using AAD but my needs span across multiple directories.

mikhailshilkov commented 5 years ago

Unfortunately, I don't know an answer to that. I can only think of running az login before each script or using WSL, but you probably know of these options without me. I think your best bet is to ask a question on Stack Overflow.

hbknjr commented 5 years ago

Thank you for replying. I finally figured it out. Using AZURE_CONFIG_DIR environment variable i was able to separate the profile directories.

Moeser commented 5 years ago

Excellent article. Good examples. Valid tips about securing the ~/.azure dir. Solid information about what the tokens are and how to use them. Nice work.

westforkfab commented 4 years ago

Thank you for sharing this. I follow your steps and it worked the first time, but after the expiration of the token, it did not work anymore. I logout and I login again with running "az login -u username -p passwd I checked the token value stored in my home folder with the command "az account get-token" and the two values are equal.

After that i run the curl command:

curl --header "Authorization: Bearer $token" -H "$contentType" "https://management.azure.com/subscriptions/$subID/resourcegroups?api-version=2019-05-10" | jq .

and I had 

{
  "error": {
    "code": "InvalidAuthenticationToken",
    "message": "The access token is invalid."
  }
}

The bash variables contain the right values:

echo $contentType
Content-Type: application/json

$token and $subID contain the token value and the subscription id.

Any suggestions? What am I doing wrong? Thank you