這裏是對azure oauth2客戶端憑證的描述。 https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-service-to-service我可以使用azure oauth2客戶端憑據流訪問經典的azure服務管理rest api嗎?
我可以發出一個請求,以獲得訪問令牌是這樣的:
POST /f2eae84a-d4b2-4f23-a74b-cdb32db66fd4/OAuth2/Token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
grant_type=client_credentials&client_id=e7ce6e44-3df6-4183-bcde-8e360fc7b685&client_secret=xxxxxxxxxxxxxxxxxxxxxxx&resource=https%3A%2F%2Fmanagement.core.windows.net%2F
它返回一個訪問令牌succussfully
但是當我使用該令牌訪問服務管理API這樣的:
GET /30dc506b-71d0-47dc-ab86-1a1c0ce4bea1/services/storageservices HTTP/1.1
Host: management.core.windows.net
Authorization: Bearer XXXXXXXXXXXXXXXXXXX
Accept: application/json
Cache-Control: no-cache
它返回一個403