Im trying to set label using MIP SDK. However while executing AddEngineAsync, I am getting access denied error. I am able to get access token from AAD APP. Any help would be great.
Code:
var engine = Task.Run(async () => await profile.AddEngineAsync(engineSettings)).Result;
Error:
Unhandled Exception: System.AggregateException: One or more errors occurred. ---> Microsoft.InformationProtection.Exceptions.AccessDeniedException: The service didn't accept the auth token. Challenge:['']
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at MipSdkDotNetQuickstart.Action.<>c__DisplayClass10_0.<<CreateFileEngine>b__0>d.MoveNext() in C:\Users\wb561362\Mip_ServicePrincipalAuth\mip-sdk-dotnet-file-SPA\Action.cs:line 178
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at MipSdkDotNetQuickstart.Action.CreateFileEngine(Identity identity) in C:\Users\wb561362\Mip_ServicePrincipalAuth\mip-sdk-dotnet-file-SPA\Action.cs:line 178
at MipSdkDotNetQuickstart.Action..ctor(ApplicationInfo appInfo) in C:\Users\wb561362\Mip_ServicePrincipalAuth\mip-sdk-dotnet-file-SPA\Action.cs:line 113
at MipSdkDotNetQuickstart.Program.Main(String[] args)
You should validate you're getting a token for the correct resource. Typically, we see this error when people have hard coded or improperly handled the auth challenge in their auth delegate implementation.
Be sure that you're not hard coding the resource and that you're passing the resource provided as a parameter to AcquireToken() to your MSAL or ADAL implementation.