Skip to content

Files

Latest commit

zhenlanzhenlan
Update rest-api-authorization-hmac.md
Mar 17, 2022
eafb233 · Mar 17, 2022

History

History
27 lines (19 loc) · 1.46 KB

rest-api-authorization-hmac.md

File metadata and controls

27 lines (19 loc) · 1.46 KB
title description author ms.author ms.service ms.topic ms.date
Azure App Configuration REST API - HMAC authorization
Use HMAC for authorization against Azure App Configuration using the REST API
AlexandraKemperMS
alkemper
azure-app-configuration
reference
08/17/2020

HMAC authorization - REST API reference

When HMAC authentication is used, operations fall in to one of two categories, read or write. Read-write access keys grant permission to call all operations. Read-only access keys grant permission to call only read operations. Whether an access key is read-only or read-write is determined by its readOnly property. Any attempt to make a write request with a read-only access key will result in the request being unauthorized.

Obtaining access keys

The specification describing access keys and the API used to obtain them is detailed in the Azure App Configuration resource provider spec here. Access keys are obtained via the "ConfigurationStores_ListKeys" operation.

Errors

HTTP/1.1 403 Forbidden

Reason: The access key used to authenticate the request does not provide the required permissions to perform the requested operation.

Solution: Obtain an access key that provides permission to perform the requested operation and use it to authenticate the request.