REST API Application Authentication with AAD

So far, I have successfully used the Application Insights REST API to get metrics with an X-Api-Key header. https://api.applicationinsights.io/beta/apps/xxxxxxxxxx/metrics/customMetrics%2FmetricName?timespan=PT2H&interval=PT20M&aggregation=min

However, with our new dashboard scanning multiple metrics, we hit hard on the 1500 request / api limit.

Some suggest playing with multiple api keys, but I would like to prevent this approach.

According to the documentation, AAD authentication will remove the daily limit ( https://dev.applicationinsights.io/documentation/Authorization/Rate-limits )

But I can not authenticate using AAD (in nodejs, but I suspect this is the same in any language)

I used adal-nodewith a simple application, I successfully received a token, however I can not send it toRequest

var context = new AuthenticationContext(authorityUrl);

context.acquireTokenWithClientCredentials(resource, clientId, clientSecret, function(err, tokenResponse) {
  if (err) {
    console.log('well that didn\'t work: ' + err.stack);
  } else {
    console.log(tokenResponse);

    request({'url' : 'https://api.applicationinsights.io/beta/apps/xxxxxxxxx/metrics/customMetrics%2Fmetrics?timespan=PT2H&interval=PT20M&aggregation=min',
    headers: {
            'Authorization': 'Bearer ' + tokenResponse.accessToken
        }
    }, function (error,response,body){
            console.log(body);
    });
  }
});

enter image description here

I get the following error message The provided authentication is not valid for this resource The given API Key is not valid for the requested resource

I suspect I missed something :)

+1
source share
1 answer

We do not support AAD in our REST API directly. Your resource is managed by the Azure Resource Manager, and only he can confirm that a specific user has access to this resource. API keys are our way of short-circuiting authorization directly to a resource, and not in the context of the user.

AAD , . ARM: 'https://management.azure.com/subscriptions/xxxxxx/resourcegroups/xxxxx/providers/microsoft.insights/components/xxxxx/api/metrics/customMetrics%2Fmetrics?api-version=2014-12-01-preview×pan=PT2H&interval=PT20M&aggregation=min'

- : https://dev.applicationinsights.io/documentation/Authorization

- , REST API.

+1

Source: https://habr.com/ru/post/1016184/


All Articles