This is regarding Azure Event hub and I am trying to send data using a POST api call from POSTMAN to my Event hub.
Steps I followed:
Created Event Hub,
Generated SAS send token,
Created Consumer group
Now in postman I am struggling to format the correct headers:
request I send:
POST: https://testeventhu.servicebus.windows.net/myhub
2 headers :
Content-Type : application/atom+xml;type=entry;charset=utf-8
Authorization: SharedAccessSignature sig=kjheh/f6SqR8dIW2nRpGUCHuhdshss2KoCKo7Q6ozmY=&se=1571140739&skn=saspolicy&sr=https://testeventhu.servicebus.windows.net/myhub
and I get the error as 401 MalformedToken: Failed to parse simple web token
What wrong am I doing in here?the refrence used is from https://learn.microsoft.com/en-us/rest/api/eventhub/Send-event?redirectedfrom=MSDN
Thanks in advance
Please follow my steps as below:
1.After you create your eventhub namesapce and eventhub instance in azure portal -> in azure portal, nav to your eventhub namespace -> Shared access policies, click "Add" button to create a sas policy(here, I just select the Send privilege for sending purpose). The screenshot as below:
2.Generate sas token, I create the sas token via powershell as per this link. Here is my powershell code and the returned sas token:
3.In postman:
The request url should like this, remember add messages at the end: https://your_eventhub_namespace.servicebus.windows.net/your_eventhub_instance/messages
The headers:
Authorization : the sas token from step 2
Content-Type: application/atom+xml;type=entry;charset=utf-8
Host(optional): your-eventhub-namespace.servicebus.windows.net
the screenshot as below, you can see the returned status code is 201 created:
And if you don't know how to set the message body, you can see my message in body in postman:
Please feel free to let me know if you still have any issues.
Related
I am trying to grant access to IoT Hub based on Azure AD. But when I try to get token, it is throwing this error in Postman
####### Update ######
I have already created the Application in Azure AD
The resource field should be the static ID of all IoT Hub service principals. Try this instead of the hostname:
89d10474-74af-4874-99a7-c23c2f643083
Here is another approach:
I tried to reproduce the same in my environment and got the results successfully like below:
I created an Azure AD application like below:
To generate token via Postman, I used the below parameters:
POST https://login.microsoftonline.com/TenantID/oauth2/token
client_id:14ad98e6-8b3d-4774-a2ad-XXXXX
client_secret:XXXXXX
resource:https://iothubs.azure.net
grant_type:client_credentials
Response:
When I decoded the above token, I can see the aud as https://iothubs.azure.net like below:
The 400 Bad request error usually occurs if you have passed any invalid URL while generating the token. Make sure to pass the valid parameters.
Try sending the request again in Postman and check if the access token is generated or not.
Alternatively, you can also replace the resource by 89d10474-74af-4874-99a7-c23c2f643083 as suggested by Matthijs van der Veer like below:
Decoded token Response:
I am trying to register an application on the azure ad using the Graph API calls.
I am using the postman to hit the APIs and I have admin access in Azure.
So Far I have tried the following things:
I registered an application manually on Azure AD using this doc- https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/service-prin-aad-token. (I gave all the required permissions to my application)
I am fetching the token using the service to service call client credentials- https://learn.microsoft.com/en-us/azure/active-directory/azuread-dev/v1-oauth2-client-creds-grant-flow.
After getting the token I pass it in the Authorization and hit the MS graph Create Application endpoint. https://learn.microsoft.com/en-us/graph/api/application-post-applications?view=graph-rest-1.0&tabs=http.
But In the postman, I am not getting any response body. I have checked my Azure Tenant but I am not able to find any newly Registered App.
For Token service(Get)
Endpoint- https://login.microsoftonline.com/{my-tenant-id}/oauth2/token
body-
grant_type:client_credentials
client_id:{app-id}
scope:https://graph.microsoft.com/.default
client_secret:{secret}
//resource:https://graph.microsoft.com
Response success(200) with token
For Create App(POST)
https://graph.microsoft.com/v1.0/applications
body: {
"displayName": "Created with MS Graph API"
}
Authorization: Bearer {token}
Response: Nothing is showing in response
Response from API
You can register the application using the Create Application API
POST https://graph.microsoft.com/beta/applications
You need to have enough permissions first to be able to register an application with Azure AD. This sample shows how to register and create an application to target the Graph API. https://github.com/microsoftgraph/aspnet-snippets-sample
I found the solution, In the API Header, I was specifying the Content-Length= 67 which was not required. Now I am able to get the Success response.
https://learn.microsoft.com/en-us/graph/api/application-post-applications?view=graph-rest-1.0&tabs=http
If we look at the MS documentation, They have provided the below example
POST https://graph.microsoft.com/v1.0/applications
Content-type: application/json
Content-length: 67
{
"displayName": "Display name"
}
We don't need to pass the Content-Length in headers.
I have been trying to run a log analytics query using Azure API but its returns some error
{
"error": {
"message": "Valid authentication was not provided",
"code": "AuthorizationRequiredError",
"correlationId": "27301475d-cc29-4288-ae61-29e77d6d05cb"
}
}
this was the request I have been trying
https://api.loganalytics.io/v1/workspaces/34567824-3432rewfsdewt435-3424jhh-dsa-/query?query=search in (ContainerLog) "search_data"| where TimeGenerated > datetime("2020-09-03")| project LogEntry & Authorization=Bearer 0000000000000000000000000000
if you guys know anything please help me
Thank you
When we use Azure Log Analytics REST API to do a query, we need to user Authorization=Bearer {token} as request Headers. For more details, please refer to here.
For example
Register Azure AD application
Configure API permissions for the AD application
Give the AAD Application access to our Log Analytics Workspace. Please assign Log Analytics Reader role to the AD application
Get access token
POST /<your tenant id>/oauth2/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
grant_type =client_credentials
&client_id=<>
&client_secret=<>
&resource=https://westus2.api.loganalytics.io
Call the api
a. POST method
POST https://api.loganalytics.io/v1/workspaces/{workspaceId}/query
Authorization: Bearer {access_token}
Content-Type: application/json
{
"query": ""
}
b. Get method
GET https://api.loganalytics.io/v1/workspaces/{workspaceId}/query?query={query}
Authorization: Bearer {access_token}
See also Valid authentication was not provided thread's answer:
Use API key
You may also create API key and use it for your request:
Go to Application Insights in Azure Portal
Click on API Access blade under Configure section
Create new API key
Use it in REST API calls in a header with Key = x-api-key
Hello i am trying to fetch devices present/registered at IOTHUB via RESTAPI. But i am confused how to fetch all devices.
I have read the documentation here : IoT Hub Service - Get Devices
But When i send a request i am getting an error
"Message": "ErrorCode:IotHubUnauthorizedAccess;Unauthorized",
"ExceptionMessage": "Tracking ID:a795ee1f7ae04adfa600333e45e9aa09-G:5-TimeStamp:06/29/2020 14:32:56"
Is there any auth token to provide in order to get devices?
So for a quick start on this we can use Postman with Azure IoT Hub Query language..+ SAS token for authorization.
Step 1: Generate the SAS token as said by Matthijs, Also we can quickly make use of Device Explorer tool Or Use this link to find the SetupDeviceExplorer.msi. Copy the generated SAS token fully.
Step 2: Construct the Query body.
the POST query looks like this sample. See Registry Manager - Query Iot Hub
POST
https://IOTHUB.azure-devices.net/devices/query?api-version=2020-03-13
{
"query": "SELECT deviceId FROM devices"
}
Step 3: Authorization use SAS token, and send the request to test it out.
A similar thread answered by RomanKiss can be read from Get all devices from IoT Azure Hub.
Please let us know if you know further help!
You can call the rest API using the Shared Access Signature. To get a valid token, you can use the Azure CLI like so:
az iot hub generate-sas-token -n <IoT hub name> --policy registryRead
This will produce an output like:
{
"sas": "SharedAccessSignature sr=iothubname.azure-devices.net&sig=kPszxZZZZZZZZZZZZZZZZZAhLTILsVpT0tp5sRSWiDZ0%3D&se=1593446477&skn=registryRead"
}
Then you need to use the value of "sas" as your Authorization header when you do your GET request. Curl example:
curl --location --request GET 'https://iothubname.azure-devices.net/devices?api-version=2019-07-01-preview' \
--header 'Authorization: SharedAccessSignature sr=iothubname.azure-devices.net&sig=kPszxZZZZZZZZZZZZZZZZZAhLTILsVpT0tp5sRSWiDZ0%3D&se=1593446477&skn=registryRead'
Update
The link below is used to request token and refresh token depending on a field in the body:
http://example.com/token
1 Request a token
A field in the body: grant_type:password
Steps:
1 When the request arrives, APIM forwards it to 3rd party
2 Once APIM receives the reponse from 3rd party, it returns the result to its client.
We want to log data (url, response status code) for this url to Table Storage. Requet for the same url is not logged below:
2 Refresh the token
A field in the body: grant_type:refresh_token
Application Insight is used with APIM, I wonder if Table Storage is the best tool.
Is there built-in UI that is available for viewing data stored in Table Storage
Any information or link or code sample would be appreciated.
C#
VS 2017
APIM has a few ways to send data out of request processing pipeline:
send-request/send-one-way-request allows you to send an HTTP request, you're in charge of constructing request in HTTP terms: method, URL, headers, body.
log-to-eventhub allows you to send a message to EH. You can specify C# expression that produces message payload.
AppInsights integration will allow you to record client request, backend request, backend response, and client response for each request processed by APIM. You can configure it to log extra headers and part of body.