You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I get this error whenever the arm template is executed. If I remove the openAuthenticationPolicies block the template works fine.
I am also confused with about the values or value to be used in the claims block.
if "claims": [{ "name": "Audience", "values": "https://management.core.windows.net/"}]
Error waiting for deployment: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"BadRequest","message":"{\r\n \"error\" : {\r\n \"code\": \"InvalidRequestContent\",\r\n \"message\": \"The request content is not valid and could not be deserialized: 'Could not find member 'values' on object of type 'OpenAuthenticationPolicyClaim'. Path 'properties.accessControl.triggers.openAuthenticationPolicies.policies.adfpolicy.claims[0].values', line 1, position 434.'.\"\r\n }\r\n}"}]]
if "claims": [{ "name": "Audience", "value": "https://management.core.windows.net/"}]
Error waiting for deployment: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"BadRequest","message":"{\r\n \"error\" : {\r\n \"code\": \"OAuthIssuerClaimValue\",\r\n \"message\": \"OAuth authentication policy 'adfpolicy' in access control configuration of workflow is not valid. The required claim 'iss' is missing.\"\r\n }\r\n}"}]
@akdracarys Thanks for catching that! Based on the REST API Spec, it is indeed value and not values. I have corrected my comment in the issue that you've linked and I've also raised a PR for the doc, which once merged should reflect in a couple of hours.
As for the error that you see even when using value, is stating that iss (Issuer in the portal) is a required claim. This mentioned in the table above the ARM Template snippet. I've also added a note specific for the ARM Template section.
Using ARM template unable to use the openAuthenticationPolicies for Logic App deployment
"accessControl": { "triggers": { "allowedCallerIpAddresses": [ { "addressRange": "10.0.24.36/32" }, { "addressRange": "10.0.104.44/32" } ], "openAuthenticationPolicies": { "policies": { "adfpolicy": { "type": "AAD", "claims": [ { "name": "Audience", "values": "https://management.core.windows.net/" } ] } } } }, "contents": { "allowedCallerIpAddresses": [ { "addressRange": "10.0.24.36/32" }, { "addressRange": "10.0.104.44/32" } ] } }
I get this error whenever the arm template is executed. If I remove the
openAuthenticationPolicies
block the template works fine.if "claims": [{ "name": "Audience", "values": "https://management.core.windows.net/"}]
Error waiting for deployment: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"BadRequest","message":"{\r\n \"error\" : {\r\n \"code\": \"InvalidRequestContent\",\r\n \"message\": \"The request content is not valid and could not be deserialized: 'Could not find member 'values' on object of type 'OpenAuthenticationPolicyClaim'. Path 'properties.accessControl.triggers.openAuthenticationPolicies.policies.adfpolicy.claims[0].values', line 1, position 434.'.\"\r\n }\r\n}"}]]
if "claims": [{ "name": "Audience", "value": "https://management.core.windows.net/"}]
Error waiting for deployment: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"BadRequest","message":"{\r\n \"error\" : {\r\n \"code\": \"OAuthIssuerClaimValue\",\r\n \"message\": \"OAuth authentication policy 'adfpolicy' in access control configuration of workflow is not valid. The required claim 'iss' is missing.\"\r\n }\r\n}"}]
Reference:
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: