badnative.blogg.se - Assigning roles

If an application is running within an Azure entity such as an Azure VM, a virtual machine scale set, or an Azure Function app, it can use a managed identity to access the resources. The authentication step requires that an application request contains an OAuth 2.0 access token at runtime.

Next, the token is passed as part of a request to the Service Bus service to authorize access to the specified resource.

First, the security principal’s identity is authenticated, and an OAuth 2.0 token is returned.

With Azure AD, access to a resource is a two-step process. When a security principal (a user, group, or application) attempts to access a Service Bus entity, the request must be authorized.

For step-by-step instructions, see Disable local authentication. You can disable local or SAS key authentication for a Service Bus namespace and allow only Azure Active Directory authentication.