Working with the REST API
Working with the REST APIs
#!/bin/bash
# Proper install
sudo apt-get -y install jq
sudo pip install yq
# YOLO
curl \
--silent \
--url https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 \
--location \
--output ./jq
chmod +x ./jq
sudo mv ./jq /usr/local/bin
sudo chown root.root /usr/local/bin/jq
If you're running inside a VM, with Managed Identity enabled, you can easily fetch a token. But unfortunately the VM wasn't authorized to hit the resource I care about.
Next stop service principals. Problem is customer's AD admin team running a tough regime, and don't hand out service principals.
So ultimately, how can I get my actual AAD user identity avail in the shell? In the end, all I need is a bearer token.
Let's dive right in:
I want to authN against 'my' Azure AD tenant, and want to hit the Azure ARM REST API.
For the full user login, i.e. device authN, here's what happens under the hood: The code needs to fetch a device code, and then use that code to poll and validate whether the user authenticated.
If you wanna snoop on cURL's requests with something like fiddler, you should add this
--proxy http://127.0.0.1:8888/ --insecure
to the calls.#!/bin/bash
# --proxy http://127.0.0.1:8888/ --insecure \
aadTenant="chgeuerfte.onmicrosoft.com"