oauthazure-active-directoryunauthorizedazure-api-appsazure-scheduler

Call secure Azure API from Azure Scheduler

I have developed an Azure API which is secure with "log in with azure active directory" configured in ExpressMode. In Azure management portal, under application, choosing the registered app in configure section I copied , Client ID and generated key

Now I need to call this API , from azure scheduler, I configured Authentication setting under job Action setting to use "Active Directory OAuth" and I entered the related value for Tenant, ClientId , Secret and for Audience I left the default value which is : https://management.core.windows.net/
but when I try to run the job will be failed Unauthorized' Response Headers:... body : You do not have permission to view this directory or page.

I was wondering which part I have missed to configure?

Thanks!

Solution

  • after some more research, finally found answer, Thanks to the "Unauthorized" when invoking an API App from Azure Scheduler with Azure AD OAuth authentication

    1. Browse to AzureResource Explorer
    2. Select your API app , under config select authsettings node

    3. Edit "allowedAudiences" like below

      "allowedAudiences": [ "https://xxxx.azurewebsites.net", "https://management.core.windows.net/" ],