projectkudu / ARMClient

A simple command line tool to invoke the Azure Resource Manager API
http://blog.davidebbo.com/2015/01/azure-resource-manager-client.html

403 Forbidden #62

Open Selekena opened 2 years ago

Selekena commented 2 years ago

I don't know how to get a client certificate to perform these operations. I have tried using ARMClient login (prod) and using "spn" with app registrations and their certificates and no luck. Advice please.

```
ARMClient.exe put https://eastus2.rp.management-azure-devices-provisioning.net/subscriptions/sub/resourceGroups/rg/providers/Microsoft.Devices/provisioningServices/dps/certificates/cert?api-version=2022-02-05 C:\Users\me\certPayload.json -verbose
---------- Request -----------------------

PUT /subscriptions/sub/resourceGroups/rg/providers/Microsoft.Devices/provisioningServices/dps/certificates/cert?api-version=2022-02-05 HTTP/1.1
Host: eastus2.rp.management-azure-devices-provisioning.net
Authorization: Bearer {personal user token}...
User-Agent: ARMClient/1.9.0.0
Accept: application/json
x-ms-request-id: b398407f-c9ae-450a-8030-807cb74b6704
x-ms-client-request-id: b398407f-c9ae-450a-8030-807cb74b6704
x-ms-correlation-request-id: b398407f-c9ae-450a-8030-807cb74b6704

{
  "certificatename": "cert",
  "type": "Microsoft.Device/ProvisioningServices/certificates",
  "certificateDescription": {
    "Properties": {
      "certificate": "-----BEGIN CERTIFICATE-----\n*****\n-----END CERTIFICATE-----\n"
    }
  }
}
---------- Response (6188 ms) ------------

HTTP/1.1 403 Forbidden
Content-Length: 265
Content-Type: application/json; charset=utf-8
Date: Wed, 18 May 2022 21:49:04 GMT
Server: Microsoft-HTTPAPI/2.0

{
  "code": 403003,
  "httpStatusCode": "Forbidden",
  "message": "U007:Missing client certificate. If you contact a support representative please include this correlation identifier: b398407f-c9ae-450a-8030-807cb74b6704, timestamp: 2022-05-18 21:49:04Z, errorcode: IH403003."
}
```

Selekena commented 2 years ago

It seems like ARMClient raises this issue when I try to use more specific ARM endpoints like

https://{region}.rp.{resourceprovider}.net

versus the global,

https://management.azure.com/