My application makes use of the open-id configuration end-points provided for Azure B2C, for example:
https://login.microsoftonline.com/<tenant>.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=<policy-name>
This works fine for built-in policies. If I try to access the configuration for a custom policy, I get the below error (AADB2C90022):
This is even if I use the link generated in the Azure Portal here:
Is this supposed to work?
The AADB2C90022 error is caused by a faulty policy.
Test the specific policy by running the Run now endpoint URL before attempting to download the configuration metadata URL.
Related
Tried searching for API as well as SDK in microsoft website but didn't get any specific result.
I am trying to create a dashboard for all the availability status of all the application gateway using python and plotly.
This api is not providing the output
GET https://management.azure.com//subscriptions/Subs/resourceGroups/Rsg/providers/Microsoft.Network/applicationGateways/appgw/Microsoft.ResourceHealth?api-version=2018-01-01
You can make use of Postman by creating a service principal like below:
Go to Azure Portal -> Azure Active Directory -> App Registrations -> New Registration
Make sure to add the Api permission like below:
Generate the access token via Postman like below:
To resolve the error, try using POST method instead of GET while calling the query like below:
https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/applicationGateways/{applicationGatewayName}/backendhealth?api-version=2021-08-01
Alternatively, you can make use of below PowerShell command as mentioned in this MsDoc:
Get-AzApplicationGatewayBackendHealth
Reference:
java - How to check the health of application gateway in Azure by Peter Pan
We have an app which get data from Azure DevOps Services using RestAPI with token. Without authentication it is working fine.
After enabling authentication get errors 500/431 without any explanation. Authentication set for single tenant and with new application registration.
THE ONLY WAY TO GET AROUND THIS PROBLEM WAS TO USE A CONTAINER BUILD FROM AZURE - USE VS CODE TO PUBLISH & BUILD - USING A CUSTOM CONTAINER FAILED ALWAYS
I tried the following without success:
Setting - WEBSITE_AUTH_DISABLE_IDENTITY_FLOW - Azure Web App + Node.js + Azure AD = Error 431
Added specific permission for - Azure DevOps Services on the Identity provider tab.
Any advice would be most appreciated
The error 500 may occur if you have enabled App Insights monitoring on client-side.
Please check whether you have enabled that option or not like below:
APPINSIGHTS_JAVASCRIPT_ENABLE = true
If it is enabled, disable it by assigning false parameter as suggested in this SO Thread by L. González.
These 500/431 errors occur due to many reasons and to know the exact issue behind the error, try enabling diagnostic logging.
To know more about diagnostic logging please refer this MsDoc
Try restarting the App Service and raise Azure Support Ticket if still the issue persists.
Reference:
how do I fix the azure web app error 500? - Stack Overflow
I am trying to release multiple projects in 1 solution using Azure Release pipeline
They are all connected to the same Azure Subscription, but some do deploy to the given app service while others give an unauthorized error.
Ive looked into it and i read that adding website_webdeploy_use_scm to the app service should help the Unauthorized error, but this didnt help for me.
What else could i look at? I connect through Azure Devops so i just selected the subscription from the list it automatically gathers from Azure because im logged in using the same logins as i use for Azure Portal
the full error is:
Connected to the remote computer ("xxxx.azurewebsites.windows.net") using the Web Management Service, but could not authorize. Make sure that you are using the correct user name and password, that the site you are connecting to exists, and that the credentials represent a user who has permissions to access the site. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.
Error: The remote server returned an error: (401) Unauthorized.
according to the error I'd suggest you check service principal permissions. it probably lacks the permissions required to manage those webapps.
So after refresh publishing profile in Azure Portal and trying it again it fixed itself so im not sure if that caused it or not but it worked!
another fix is to delete the slot and make it again
Azure endpointName.azureedge.net created successfully but while accessing Endpoint url it show error
You do not have permission to view this directory or page.
Did I need to add Custom domain to work it out.
Please guide me.
Which endpoint do you add in Azure CDN profile? If adding Azure web app as its endpoint, which language do you use to develop your web app? From my experience, Please try to input detailed path in your url, for example https://endpointName.azureedge.net/default. We can also set default page at Azure web app Application settings like below screenshot:
Build your solution in release mode
Try to publish it with using publish option of project then check
I am trying to implement a Custom STS as a WebRole to be deployed onto Azure. The problem i have is that how do i generate or write the Federation Metadata.xml file for my Custom STS. if i write it myself can i get the custom reference id and how do i sign it?
Also as my STS is an Azure application ,so when i run it the Azure Emulator it has a URL like http://127.0.0.1:81/ ,so i would using this as the link in the Federation Metadata.xml file but afterwards when i publish the STS onto Azure as a production deployment it would have a URL like http://cloudSts.cloudapp.net so i would have to reflect these changes in my Federation Metadata.xml file,the question here is that after making these changes should i upgrade/publish the package again and then move it onto production or else i can simply upload the changed Federation Metadata.xml file onto ACS(where i have my Custom STS as an IP) and it would work?
Thanks
Here is a post I wrote on how to generate federation metadata dynamically: http://www.syfuhs.net/post/2010/11/03/Generating-Federation-Metadata-Dynamically.aspx
There is a variable in there called 'host' that you would modify. There are a couple ways to do it. You could look at the host header in the HTTP request, but you have to account for when it's not there. Or you could stick it into the role configuration. That would allow you to update it without having to redeploy.