You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CLI Auth method does not correctly handle getting the token with the adequate scope.
When authenticated with the CLI the current token does not allow reading the vault secrets as its not correctly scoped, it generates the following error when trying to get the secrets:
After troubleshooting this issue I found that the get_access_token method would need to handle scoping so the token is generated for the needed API call.
Small hack: Note this fixes the armrest secret show command but breaks the rest as the token is no longer valid for other API calls like resource creation...
The CLI Auth method does not correctly handle getting the token with the adequate scope.
When authenticated with the CLI the current token does not allow reading the vault secrets as its not correctly scoped, it generates the following error when trying to get the secrets:
WARN: AKV10022: Invalid audience. Expected https://vault.azure.net, found: https://management.core.windows.net/.After troubleshooting this issue I found that the
get_access_tokenmethod would need to handle scoping so the token is generated for the needed API call.Small hack: Note this fixes the
armrest secret showcommand but breaks the rest as the token is no longer valid for other API calls like resource creation...armrest/lib/armrest/api/auth/cli.rb
Line 28 in 80d2d88
Add this just after the above line:
The text was updated successfully, but these errors were encountered: