Error implementing azureAdApp authorization for self hosted gateway #268
Unanswered
klakshmikantha asked this question in Q&A
-
Hi, please open an Azure support ticket to get support for issues. They will be able to help you through this. Also note that you are using |
-
Hi,
I was setting up a self-hosted gateway on my Docker Desktop, and while it works using the default 30-day token, I was trying to implement the Entra ID integration-based security following the steps in this article: https://learn.microsoft.com/en-us/azure/api-management/self-hosted-gateway-enable-azure-ad
Although the article recommends creating a custom role, I added the existing API mgt contributor role to the SPN (to read configurations) and the API mgt reader role to the APIM managed identity.
When I re-deploy the Docker container with the following env variables,
config.service.endpoint=custom_domain
config.service.auth=azureAdApp
config.service.auth.azureAd.authority=https://login.microsoftonline.com
config.service.auth.azureAd.tenantId=redacted
config.service.auth.azureAd.clientId=redacted
config.service.auth.azureAd.clientSecret=redacted
gateway.name=self-hosted-gateway-name
runtime.deployment.artifact.source=Azure Portal
runtime.deployment.mechanism=Docker
it fails on startup with the error below:
[Error] [GatewayStartup], message: No valid authentication was configured for the configuration API. The supported authentication model(s) are through gateway tokens, Azure AD application or managed identity.
[Error] [TenantRecycleFailed], exception: System.Exception: Gateway is unable to start up given it is not properly configured.
at Gateway.Host.AspNetCore.HostBootstrapper.GetAdditionalTenantSettings() in D:\a\1\s\Proxy\Gateway.App.SelfHosted\HostBootstrapper.cs:line 328
at Gateway.Host.AspNetCore.HostBootstrapper.StartTenantAsync(CancellationToken cancellation, Boolean initialTenantRecycle) in D:\a\1\s\Proxy\Gateway.App.SelfHosted\HostBootstrapper.cs:line 201
at Gateway.Host.AspNetCore.HostBootstrapper.RecycleTenantAsync(CancellationToken cancellation, Boolean initialTenantRecycle) in D:\a\1\s\Proxy\Gateway.App.SelfHosted\HostBootstrapper.cs:line 173
Any thoughts on resolving it? Appreciate any help.