I am trying to create a proof of concept with Azure APIM and am stuck at a 400 invalid hostname error.
I have tried following this example
https://learn.microsoft.com/en-gb/azure/api-management/api-management-howto-log-event-hubs
which leads me to this page
https://learn.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/logger/createorupdate
I have in postman the put command with the following url, edited out the personal details
https://management.azure.com/subscriptions/xxxxx-yyyy-zzz-a4ed-b0b5ddddddd/resourceGroups/xx-Trial/providers/Microsoft.ApiManagement/service/xxx-API-Management-Services/loggers/loggerId?api-version=2019-12-01
This is being sent as a PUT command
This is the body that is also being sent
{
"type": "AzureEventHub",
"description": "xx Poc description",
"credentials": {
"name": "apim",
"connectionString": "Endpoint=sb://xx-poc.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=yyyyyyK/ixxxxxxxxxxxxxxc="
}
}
The response that comes back is
<h2>Bad Request - Invalid Hostname</h2>
<hr>
<p>HTTP Error 400. The request hostname is invalid.</p>
I would be grateful if anyone can help me progress this forward as I cannot see what I have missed.
Thanks
After hours of searching I finally stumbled across this url https://www.svenmalvik.com/azure-apim-with-eventhub/ which has resolve my issue.
I had done everything right in terms of setup, but this was the final step that was missing
$apimCtx = New-AzApiManagementContext -ResourceGroupName "xx-Trial" -ServiceName "xx-API-Management-Services"
$ehConnection = (Get-AzEventHubKey -ResourceGroupName "xx-Trial" -NamespaceName "xx-yyy-zzz-eh-ns" -AuthorizationRuleName "xx-yyy-zzz-eh-auth-rule").PrimaryConnectionString
New-AzApiManagementLogger -Context $apimCtx -LoggerId "simon-logger" -Name "simon-logger" -ConnectionString "$ehConnection;EntityPath=xx-yyy-eh"
I believe there'are something wrong with the request body.
{
"type": "AzureEventHub",
"description": "xx Poc description",
"credentials": {
"name": "apim",
"connectionString": "Endpoint=sb://xx-poc.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=yyyyyyK/ixxxxxxxxxxxxxxc="
}
}
Please check the following settings in your request body:
For name, please make sure it's the Event hub instance name, not the Eventhub namespace name. And you can refer to this doc for more details about them.
For connectionString, please make sure it's the Eventhub namespace connectiong string(do not use the Eventhub instance level connection string). For more details, please refer to this doc.
At the end, please also check if the eventhub instance is disabled or not.
Related
I am using this bit of code as an output object in my ARM template,
"[listAdminKeys(variables('searchServiceId'), '2015-08-19').PrimaryKey]"
Full text sample of the output section:
"outputs": {
"SearchServiceAdminKey": {
"type": "string",
"value": "[listAdminKeys(variables('searchServiceId'), '2015-08-19').PrimaryKey]"
},
"SearchServiceQueryKey": {
"type": "string",
"value": "[listQueryKeys(variables('searchServiceId'), '2015-08-19')[0]]"
}
I receive the following error during deployment (unfortunately, any error means the template deployment skips output section):
"The requested resource does not support http method 'POST'."
Checking the browser behavior seems to validate the error is related to the function (and, it using POST).
listAdminKeys using POST
How might I avoid this error and retrieve the AzureSearch admin key in the output?
Update: the goal of doing this is to gather all the relevant bits of information to plug into other scripts (.ps1) as parameters, since those resources are provisioned by this template. Would save someone from digging through the portal to copy/paste.
Thank you
You error comes from listQueryKeys, not admin keys.
https://learn.microsoft.com/en-us/rest/api/searchmanagement/adminkeys/get
https://learn.microsoft.com/en-us/rest/api/searchmanagement/querykeys/listbysearchservice
you wont be able to retrive those in the arm template, it can only "emulate" POST calls, not GET
With the latest API version, it's possible to get the query key using this:
"SearchServiceQueryKey": {
"type": "string",
"value": "[listQueryKeys(variables('searchServiceId'), '2020-06-30').value[0].key]"
}
I found that graph API in Germany endpoint seems not to support
GET /users/<id>/mailFolders/delta
it returns
**400**
{
"error": {
"code": "ErrorInvalidIdMalformed",
"message": "Id is malformed.",
"innerError": {
"request-id": "cf713386-f050-40b4-b987-43cc2384eade",
"date": "2017-12-12T07:13:10"
}
}
}
However it works fine at
GET /users/<id>/mailFolders
Thanks for help
I had been in the same trouble, but I resolved.
Your request to:
GET /users/<id>/mailFolders/delta
is not correct, I think.
I guess that this mail folder delta was made by you, doesn't it?
To specify a mail folder, you need to use folder id, not display name.
Though you might already get the folder id, you can get the folder id by sending a request
GET /users/<id>/mailFolders
Note: Actually, we can get folder_ids via powershell:
Get-MailboxFolderStatistics
cmdlet on Exchange. However, these folder_id are malformed in ms-graph request. So you need to use the id which you can get as described above.
I have followed Instagram documentation (https://www.instagram.com/developer/subscriptions/) on how to create a user subscription.
This is the response that I get after creating the subscription:
{
"meta": {
"code": 200
},
"data": {
"object": "user",
"object_id": null,
"aspect": "media",
"subscription_id": 0,
"callback_url": "http://CALLBACK_URL",
"type": "subscription",
"id": 0
}
}
Some of the users that have authenticated with my app have posted some media and yet I'm not seeing anything from my end, which makes me think that there might be an error with the subscription.
subscription_id or id 0 does not look correct to me. My app is still in Sandbox mode, is this the problem?
Also, I have tried creating another subscription with object=tag and object_id=blah but it returns the same response as above.
Any advice would be very much appreciated. Thank you!
The subscription_id=0 looks weird but it's normal in sandbox. Perhaps you can make sure your callback url is actually receiving the post from Instagram properly (save it to a log to test).
I'm writing a simple SNS client that is meant to subscribe itself to an SNS topic and then listen for notifications. I can successfully submit a sns.subscribe request, but when I pick up the SubscriptionConfirmation POST message from AWS and try and respond using sns.confirmSubscription I get an AuthorizationError returned:
[AuthorizationError: User: arn:aws:iam::xxx:user/mv-user is not authorized to perform: SNS:ConfirmSubscription on resource: arn:aws:sns:us-east-1:xxx:*]
If I use exactly the same Token and TopicArn in a GET query to the server the subscription confirmation works fine, with no authentication.
Any ideas why it's not working? My SNS topic is wide open with publish/subscribe permissions set to 'Everyone'.
For reference, my code is something like this:
var params = {
TopicArn: topicArn, // e.g. arn:aws:sns:us-east-1:xxx:yyy
Token: token // long token extracted from POST body
};
sns.confirmSubscription(params, function (err, data) {
if (err) {
// BOOOM - keep getting here with AuthorizationError
} else {
// Yay. Worked, but never seem to get here :(
}
});
However, if I navigate to the URL similar to this in a browser (i.e. completely unauthenticated), it works perfectly:
http://sns.us-east-1.amazonaws.com/?Action=ConfirmSubscription&Token=<token>&TopicArn=arn%3Aaws%3Asns%3Aus-east-1%3Axxx%3Ayyy&Version=2010-03-31
The only differences seem to be the inclusion of 'Authorization' and 'Signature' headers in the programmatic version (checked using Wireshark).
Any ideas? Thanks in advance!
Update
In my code, if I just programatically do a simple GET request to the SubscribeURL in the SubscriptionConfirmation message this works fine. Just seems odd that the confirmSubscription API call doesn't work. Will probably stick to this workaround for now.
Update 2
Also get the same error when calling sns.unsubscribe although, again, calling the UnsubscribeURL in each notification works. Seems other people have run into that issue too but can't find any solutions.
I faced a similar issue while developing my application.
The way I ended up solving it is the following:
go to IAM and click on your user
go to the permissions tab and click on "Attach Policy"
use the filter to filter for "AmazonSNSFullAccess"
Attach the above policy to your user.
The above should take care of it.
If you wanna be fancy you can create a custom policy that is based on "AmazonSNSFullAccess" and apply it to you user instead.
The custom policy would be something similar to the following:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"sns:ConfirmSubscription"
],
"Effect": "Allow",
"Resource": "YOUR_RESOURCE_ARN_SHOULD_BE_HERE"
}
]
}
The error says it all:
[AuthorizationError: User: arn:aws:iam::xxx:user/mv-user is not authorized to perform: SNS:ConfirmSubscription on resource: arn:aws:sns:us-east-1:xxx:*]
is basically telling you that the IAM user you're using to call ConfirmSubscription doesn't have the proper permissions to do so. Best bet is to update the permissions for that IAM user, specifically adding ConfirmSubscription permissions.
(Based on your comments, even though the documentation says otherwise, the error is pretty specific... might be worth following up directly with AWS about this issue, since either the error message or documentation is incorrect).
I've been trying to do various things through your Mail REST API today and not having much success... My project (using the api) has been running for at least a month now, but requests to your api are failing.
For example:
GET https://outlook.office365.com/EWS/OData/Me/messages (works)
GET https://outlook.office365.com/EWS/OData/Me/inbox (doesn't work)
Looking at the documentation, still says its available.
Trying to send an email using:
POST https://outlook.office365.com/EWS/OData/Me/Messages?MessageDisposition=SendAndSaveCopy also just returns 400 (Bad Request)
Any info about this?
Also, the http status codes returned are not useful at all; almost all errors return as 400's. In one instance, I didn't provide auth creds, and a 400 was returned instead of the appropriate 401. The accompanying status code detail could also be more helpful.
Thanks for the feedback and sorry for the inconvenience. We are currently deploying some non-backwards compatible changes described here, and this is causing your issues. The current set of changes including versioning support, and deploying non-backwards compatible changes won't cause issues for your app in the future. For the queries, that don't work, please use the following:
Accessing Inbox: https://outlook.office365.com/ews/odata/me/folders/inbox
Send email (new action called SendMail):
POST https://outlook.office365.com/ews/odata/me/sendmail
{
"Message":
{
"Subject": "Test message",
"Body":
{
"Content": "This is test message!"
},
"ToRecipients":
[
{ "EmailAddress": { "Address": "John#contoso.com", "Name": "John Doe" }},
{ "EmailAddress": { "Address": "Jane#fabrikam.com", "Name": "Jane Smith" }}
]
},
"SaveToSentItems": true
}
Hope this helps. We are updating the documentation to reflect the changes, and it should be available shortly. Thanks for the feedback on the HTTP status codes, we will review the status codes returned currently and make any fixes required.
Conversation support is in our roadmap but we don't yet have a timeline to share. Currently, you can search using https://outlook.office365.com/ews/odata/Folders/FolderId/Messages?$filter=ConversationId%20eq%20%%27ConversationID%27 but this will only return messages within the specified folder belonging to that conversation.
Let me know if you have any questions or need more info.
Thanks,
Venkat