While working on Microsoft Azure Rest API using PowerShell script, there is prerequisite to create a service principal (App Registration) first and use its client id and secrets in headers to generate bearer token key. But I was looking to use my existing username and password as credentials. For this requirement, I utilized Microsoft dll libraries which are included with AzureAD PowerShell module. Next provide Tenant Id and Subscription Id. In this example I will use Rest API url to list Storage Accounts as mentioned on the https://docs.microsoft.com/en-us/rest/api/storagerp/storageaccounts/list. While authentication it asks for credentials in html gui.
Note: This scipt only works on Windows Powershell Version 5.1 and it is not compatible with v7.
Download this script here or it is also available on github.com.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
#Url: http://vcloud-lab.com #Date: 19 December 2020 #Author: Janvi #Microsoft Azure dll login libraries $adal = "$PSScriptRoot\dll\Microsoft.IdentityModel.Clients.ActiveDirectory.dll" $adalforms = "$PSScriptRoot\dll\Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll" [void][System.Reflection.Assembly]::LoadFrom($adal) [void][System.Reflection.Assembly]::LoadFrom($adalforms) #Tenant and Subscription Id details $tenantId = '3b80xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' $subscriptionId = '9e22xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' #Import Microsoft Azure dll login libraries and show Azure login page $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList "https://login.windows.net/$tenantId" $authResult = $authContext.AcquireToken('https://management.azure.com/', '1950a258-227b-4e31-a9cf-717495945fc2', 'urn:ietf:wg:oauth:2.0:oob', 'always') #Get Authentication Header (Expires after some time) $authHeader = $authResult.CreateAuthorizationHeader() #Get the list of all Microsoft Azure Storage Accounts $params = @{ ContentType = 'application/x-www-form-urlencoded' Headers = @{ 'authorization' = $authHeader } Method = 'Get' URI = "https://management.azure.com/subscriptions/$subscriptionId/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01" } Invoke-RestMethod @params | Select-Object -ExpandProperty value | Select-Object name, location |
If you try this script on Powershell version 7 you get below error. I confirmed that I am getting same error when using Connect-AzureAD on Powershell v7 (AzureAD Powershell module), which uses same dll libraries, it was throwing same error.
One or more errors occurred. (Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.): Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
Useful Articles
MICROSOFT AZURE ERROR REGISTERING RESOURCE PROVIDERS CODE AUTHORIZATION FAILED
INSTALLING MICROSOFT AZURE POWERSHELL
Create your Microsoft Azure 12 Months Free Account
Powershell Azure Inventory GUI Utility
PART 1 : MICROSOFT AZURE CREATION AND CONFIGURATION OF VPN TUNNEL SERIES
PART 2 : MICROSOFT AZURE CREATING RESOURCE GROUP
PART 3 : MICROSOFT AZURE CREATING AND ADMINISTERING VIRTUAL NETWORK (VNET)
PART 3.1 : MICROSOFT AZURE POWERSHELL CREATING AND ADMINISTERING VIRTUAL NETWORK (VNET)
PART 4 : MICROSOFT AZURE CREATING AND ADMINISTRATING LOCAL NETWORK GATEWAY VPN
PART 4.1 : MICROSOFT AZURE POWERSHELL CREATING AND ADMINISTRATING LOCAL NETWORK GATEWAY