Search code examples
azureazure-media-servicesazure-api-apps

Microsoft Azure Media Service. Unable to get token (app-only) by using REST API

I'm building simple Angular2 application where a given user can upload videos via Microsoft Azure Media Service REST API.

I'm trying to get a token by using this request:

curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=client_credentials&resource=https://rest.media.azure.net/&client_id=<application id>&client_secret=<password you selected for authentication>" https://login.microsoftonline.com/<Azure AD Tenant ID>/oauth2/token?api-version=2.11

But it will not work via AJAX (that's because CORS), so is there any other simple way to get an app-only token?

Solution

  • I've created php script which returns token, I think it's fastest solution.

    Here is code, maybe will be useful for someone:

    <?php

define(APP_CLIENT_ID, '<client_id>');
define(CLIENT_SECRET, '<client_secret>');
define(AD_TENANT_ID, '<tenant_id>');
define(RESOURCE_URL, 'https://rest.media.azure.net');

function curlTokenRequest() {

    $url = "https://login.microsoftonline.com/".AD_TENANT_ID."/oauth2/token";

    $request = "grant_type=client_credentials&resource=".RESOURCE_URL."&client_id=".APP_CLIENT_ID."&client_secret=".CLIENT_SECRET;

    $ch = curl_init($url);
    $options = array(
        CURLOPT_RETURNTRANSFER => true,         // return web page
        CURLOPT_HEADER         => false,        // don't return headers
        CURLOPT_FOLLOWLOCATION => false,         // follow redirects
        // CURLOPT_ENCODING       => "utf-8",           // handle all encodings
        CURLOPT_AUTOREFERER    => true,         // set referer on redirect
        CURLOPT_CONNECTTIMEOUT => 200,          // timeout on connect
        CURLOPT_TIMEOUT        => 200,          // timeout on response
        CURLOPT_POST            => 1,            // i am sending post data
        CURLOPT_POSTFIELDS     => $request,    // this are my post vars
        CURLOPT_SSL_VERIFYHOST => 0,            // don't verify ssl
        CURLOPT_SSL_VERIFYPEER => false,        //
        CURLOPT_VERBOSE        => 1,
        CURLOPT_HTTPHEADER     => array(
            "Content-Type: application/x-www-form-urlencoded"
        )

    );

    curl_setopt_array($ch,$options);
    $data = curl_exec($ch);
    $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $curl_errno = curl_errno($ch);
    $curl_error = curl_error($ch);
    //echo $curl_errno;
    //echo $curl_error;
    curl_close($ch);

    http_response_code($httpcode);
    header('Content-Type: application/json');
    header('Access-Control-Allow-Origin: *');

    return $data;
}