问题描述
您好,
我按照本教程的这一部分手动创建了SAS令牌:
https://docs.microsoft.com/en- us / rest / api / apimanagement / apimanagementrest / azure-api-management-rest-api-authentication
我在API中的每个操作的标题中添加了值(根据需要)。
当我在SAS令牌值到期日后测试时:
预期结果:401未经授权的错误
实际结果:200 OK
如何解决这个问题。显然我们无法使用身份验证的这一部分,因为它无法正常工作。
提前感谢您的回答。
Darya
Hello,
I followed this part of tutorial to create manually the SAS token:
https://docs.microsoft.com/en-us/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-authentication
I added the value to the header of each operation inside my API (as required).
When I test it after the expiration date of the SAS token value:
Expected result: 401 Unauthorized error
Actual result: 200 OK
How to solve this problem. Apparently we cannot use this part of Authentication as it doesn't work properly.
Thank you in advance for your answer.
Darya
推荐答案
有了它,您只需使用您的AAD凭证进行身份验证,并且还需要
基于角色的访问控制 可以分配给
服务主体以及。
With it, you would just use your AAD credentials to authentication yourself and also haveRole-Based Access Control which can be assigned to a service principal as well.
这篇关于API管理。当我们手动创建SAS令牌时,到期日期不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!