Prerequisites
Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.
- What is your product version? - 11.4.0 (Release Candidate)
- What is your product type (Angular or MVC)? - Angular
- What is product framework type (.net framework or .net core)? - 6
I have downloaded the Release candidate and I see the Azure Keyvault configuration has changed :
Configuration": { "AzureKeyVault": { "IsEnabled": "false", "KeyVaultName": "" }
Where are we going to put the clientid and clientsecret ?
Previous configuration :
"Configuration": { "AzureKeyVault": { "IsEnabled": "false", "KeyVaultName": "xxx", "AzureADApplicationId": "", "AzureADCertThumbprint": "", "ClientId": "", "ClientSecret": "" }
13 Answer(s)
-
0
Hi,
With this change, only KeyVaultName is needed.
-
0
I am hosting my application in AWS. I am not sure how this will work. i went through the article but it doesnt say anything about how an external app hosted oitside azure will.authenticate using thenew azureRBAC . please provide some details.
-
0
AuthenticationFailedException: ManagedIdentityCredential authentication failed: Managed Identity response was not in the expected format.
This is the issue we are getting as we are hosted in AWS. We need to know how to pass the Azure Client ID and Client Secret to Azure to authenticate and get token and access the KeyVault.
This is a breaking change for systems which are hosted in non-azure environments and we need more documentation around this change.
-
0
Please provide an answer at the earliest as it's holding our upgrades big time.
Thank you in advance.
-
0
Any updates ?
-
0
Hi @maharatha
For now, please use the old approach. We also couldn't find any info on Microsoft documentaion about this and we are trying to find a solution for this. We will inmform you once we get a solution.
-
0
Not sure what the old approach means here. are you asking not to use the release candidate or not to use azure key vault? i can't use azure key vault with the release candidate as there is no way of passing clientid & client secret
-
0
Hi @maharatha
Just revert the changes in this PR https://github.com/aspnetzero/aspnet-zero-core/pull/4582, we will do the same for 11.4 final release.
-
0
No that didn't work as it was somehow expecting the AzureTenantId when I am not using certificate which was not in the case in the past. So I had to use the code from my other project and make it work.
-
0
Hi @maharatha
If you have an Azure Key Vault account, I guess, you should have a tenantId. Could you contact with Azure support and ask for it ?
-
0
That's incorrect. The previous implementation only needed ClientId , Client Secret and KeyVault Name.
The tenantId is the AzureADtenantID in case you are using Certificate Thumbprint.
I made the code to work on the release candidate by copying the code from previous project.
I have downloaded the Released version today, will let you know if i come across the same issue
-
0
Hi @maharatha
Thanks for the update. This implementation is changed by Microsoft. However, you can try other options instead of
ClientSecretCredentialherehttps://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Core/Configuration/AppAzureKeyVaultConfigurer.cs#L20
