Azure Identity => ERROR in getToken() call for scopes [https://ossrdbms-aad.database.windows.net/.default]: Managed Identity authentication is not available #39548
Labels
Azure.Identity
Client
This issue points to a problem in the data-plane of the library.
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
needs-team-attention
This issue needs attention from Azure service team or SDK team
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
a) Set up postgres database with managed identity
b) add this managedIdentity in database
psql "host= dbname=postgres user= password=$PGPASSWORD" -c "select * from pgaadauth_create_principal_with_oid(,, 'service', false, false);"
b) Create app which will create JDBC connectivity using postgres db(enabled workload identity)
c) Deploy this app using K8 env and verify the flow with JDBC connection
k8 already using azure.workload.identity/use: "true"
as well as for Service account - azure.workload.identity/client-id:
There are two issue which is faced during this setup
TokenCredential managedIdentityCredential = (new ManagedIdentityCredentialBuilder()).clientId(clientId).build();
String accessToken = ((AccessToken)managedIdentityCredential.getToken((new TokenRequestContext()).addScopes(new String[]{"https://ossrdbms-aad.database.windows.net/.default"})).block()).getToken();
which error out as below
ERROR ManagedIdentityCredential:553 - Azure Identity => ERROR in getToken() call for scopes [https://ossrdbms-aad.database.windows.net/.default]: Managed Identity authentication is not available.
error out as below
org.postgresql.util.PSQLException: SSL error: Certificates do not conform to algorithm constraints
Looking for reference doc and step here
create postgres database with workload identity
create JDBC app to connect with postgres database
The text was updated successfully, but these errors were encountered: