I'm trying to follow the steps layed out in this article: https://blogs.msdn.microsoft.com/visualstudioalm/2016/07/12/jenkins-queue-job-build-task/.
It seems pretty straightforward, but I keep getting invalid login error when trying to queue a build. Right now we are using azure active directory for our jenkins security provider, which I'm assuming is why it might not be working. Does this service only work when using the basic jenkins authentication?
I added my user and pass for azure, but of course they are not working.
Yes, it is caused by the AAD authentication. The work around for this is creating an API Token in Jenkins after login and then use the "User ID" and "API Token" as username and password when you add Jenkins service endpoint in VSTS.
Related
I have a dotnet core api in an app service on Azure.
When I run this locally, with authentication switched on, I can generate a bearer token and use that to successfully access the end points.
On azure, when authentication is switched off I can access the end points, but when I switch authentication on in azure, I can't access any end points with a token. Postman is just returning the standard response "The page cannot be displayed because an internal server error has occurred".
I can't see anything in application insights so I'm really in the dark.
Hoping someone will know of any common issues that could be behind this.
Thanks in advance
You cannot access your web app authenticated with Azure AD using B2C token.
On local, created web app using Visual Studio only have three authentication choices:
As we can see, using Individual User Account is connecting to an Azure AD B2C account.
On portal, you could configure your app service with choices below:
If you are using Log in with Azure Active Directory, you should concern it is not same as B2C. Follow this page to configure Azure AD authentication with web app.
Get the AAD bear token:
Navigate to the app registrations page in your Azure Active Directory, choose the one you created in configuring authentication step. You would see the information like this:
Go to Certificates & secrets page to create a secret, and copy that value, cause you would not see it after leave this page.
Open Postman to get the access token, here is the required parameters:
Use the bear token you got from last step to access your web app:
I have a Sonarqube hosted VM in Azure, I tried to integrate with AAD, created the App Registration and given all the details like client ID, Tenant ID, etc. Unfortunately the Sonarqube is hosted without SSL, So i changed the URL from General Settings. But still i'm getting the error "You're not authorized to access this page. Please contact the administrator."
I would suggest checking the limitations for Redirect URIs for Azure AD App Registrations listed here: https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url
Also make sure the app registration is done correctly. You can follow the steps mentioned here: https://learn.microsoft.com/en-us/graph/auth-register-app-v2
In case the details shared above doesn't help in fixing the authorization error, we would like to understand the actual error code AAD is throwing to SonarCube along with the correlationID and timestamp so that we can check some backend logs based on those.
I have a Web API project I created using this tutorial that I'm trying to secure using Azure AD.
According to the tutorial, when I create the project, I can select "Change Authentication" and enter my AAD information and the authentication supposed to just "work" as long as I have <Authorize> on the controller I want to secure:
According to the tutorial, I need to add the API as an app in the Azure portal but its steps and screenshots are confusing because they're old and the Azure portal has been reorganized. It says:
Next step is to add the "WebAPIServerSingleTenant" as an app you can access in your native app. Navigate to the "WebAPIClientSingleTenant" app and add "WebAPIServerSingleTenant" to your approved list (tick the checkbox too)
But adding the tenant info from Visual Studio when I created the project creates an app registration in AAD automatically, so I'm not sure what it's asking me to do.
Furthermore, when I try to call the API from Postman, for example, I just get "Authorization has been denied for this request" despite generating and passing an access token in the header of the request that looks right to me.
What steps do I need to follow to secure my web API using Azure AD?
The 'Next step is to add the ..." instruction you quote above is about adding a reference to your API app to the AAD registration of your native app. To register the native app, go to the Azure portal and use App Registration. The instructions for how to do that linked in your article are obsolete - AAD UI is totally different now. Rather use one of the official samples, in particular the one for native client accessing an API.
I've been working on a multi-tenant web application that uses Azure AD authentication, and authentication will intermittently fail with the error message: "AADSTS70002: Error validating credentials. AADSTS50012: Authentication failed." To be more clear, the steps I go through are:
Go to my web app, and click on link to go to Azure AD authentication
Enter valid user credentials for Azure
If this is the first time using my web app, Azure asks the user to grant permissions to their Azure AD information
After accepting the permissions, Azure redirects to the reply URL that I've set up in Azure AD for my application, but it replies with the aforementioned error in the URL string
The application itself is a Node.js web app that uses the Passport module for Azure AD authentication, although I don't think Passport is the source of the problem because the error I get is passed by Azure to the web application's reply URL.
I haven't had luck identifying the source, but I have seen posts from people with similar issues. I have a number of AD accounts that I use both personally and for work, and it seems that there is some remnant left in the browser's cache or local storage that causes this issue because I can switch to another browser or into incognito mode and the problem resolves itself.
I'd like to identify if this is a problem with Azure itself, the way my application handles authentication, or with my work/third party applications implement AD authentication.
I am trying to reproduce this issue using the code sample here in Chrome, however failed.
Based on the same issue link you mentioned, I noticed that the endpoint for he/she using was incorrect. To develop the multi-tenant app, we need to change the specific endpoint with common like below:
https://login.microsoftonline.com/common/
Were you using the specific endpoint? If not, would you mind sharing a code sample to help us to reproduce this issue?
I want to implement authentication system in my web application using Gitlab.
That is, users can login to my application using Gitlab's username and password. How can I achieve this?
I believe you are looking to use Gitlab as the authentication provider for your application.
The GitLab as OAuth2 authentication service provider documentation should get you started.
From the documentation:
For example, you can allow users to sign in to your application with their GitLab.com account