问题
I have an API App which I have secured with Azure Active Directory authentication. Actions of this API App I want to invoke with Azure Scheduler. I entered tenant id, client id & secret into the Scheduler action.
When I schedule or run the job I get:
Http Action - Response from host 'xxxx.azurewebsites.net': 'Unauthorized'
Diagnostic application log gives me:
JWT validation failed: IDX10214: Audience validation failed. Audiences:
'https://management.core.windows.net/'. Did not match:
validationParameters.ValidAudience: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx' or
validationParameters.ValidAudiences: 'https://xxxx.azurewebsites.net'.
回答1:
After some digging I found this somehow related entry.
So I really got into the Resource Explorer, down to the authsettings node of my API App and added the missing audience entry:
"allowedAudiences": [
"https://xxxx.azurewebsites.net",
"https://management.core.windows.net/"
],
Problem solved.
来源:https://stackoverflow.com/questions/36899882/unauthorized-when-invoking-an-api-app-from-azure-scheduler-with-azure-ad-oauth