The JSON value could not be converted to System.Nullable`1[Microsoft.ContainerApps.ApiResources.Models.UnauthenticatedClientAction
I have an Azure Container App and I want to enable Authentication with Azure CLI:
az containerapp auth update
resourceGroup='lorem'
appName='ipsum'
az containerapp auth update --resource-group $resourceGroup --name $appName --enabled true --unauthenticated-client-action RejectWith401
This results in the following error:
Bad Request({"type":"https://tools.ietf.org/html/rfc7231#section-6.5.1","title":"One or more validation errors occurred.","status":400,"traceId":"00-13a7f69e4ce3b84f82e3b7d2c0425143-5ec6db570ab2989b-01","errors":{"$.properties.globalValidation.unauthenticatedClientAction":["The JSON value could not be converted to System.Nullable`1[Microsoft.ContainerApps.ApiResources.Models.UnauthenticatedClientAction]. Path: $.properties.globalValidation.unauthenticatedClientAction | LineNumber: 0 | BytePositionInLine: 114."]}})
The Optional Parameters support this:
--action --unauthenticated-client-action
The action to take when an unauthenticated client attempts to access the app. accepted values:
AllowAnonymous, RedirectToLoginPage, RejectWith401, RejectWith404
The same error is returned when I use
--action RejectWith401
It's working in Azure Portal, but I need this in the CI/CD pipeline.
I found a similar problem at StackOverflow:
Unable to set unauthenticatedClientAction with Az module or Az/CLI
--set properties.siteAuthSettings.unauthenticatedClientAction=AllowAnonymous
The --set parameter is also present for az containerapp:
ContainerApp --set
--set
Value of a specific field within the configuration settings for the Azure App Service Authentication / Authorization feature.
After enabling Authentication in Azure Portal, Azure CLI returned for show:
resourceGroup='lorem'
appName='ipsum'
az containerapp auth show --resource-group $resourceGroup --name $appName
{
"globalValidation": {
"unauthenticatedClientAction": "Return401"
},...
}
Based on the gathered information I was successful enabling Authentication with:
resourceGroup='lorem'
appName='ipsum'
az containerapp auth update --resource-group $resourceGroup --name $appName --enabled true --set globalValidation.unauthenticatedClientAction=Return401
{
"name": "current",
"properties": {
"globalValidation": {
"unauthenticatedClientAction": "Return401"
},...
"platform": {
"enabled": true
}
},
"resourceGroup": "lorem",
"type": "Microsoft.App/containerapps/authconfigs"
}
- How to get project iterations through the Azure API
- Is it possible to have a non-interactive code that logs in to Azure and creates users in Microsoft Entra ID?
- Azure ML: Unable to find workspace
- Redeploy .NET Aspire project after resource cleanup
- Updating Azure Container app Startup Probe using CLI is not working
- Get connectionString value from az storage account show in github action
- Azure VM run-commands freeze and hang and starts to block DevOps pipeline from running new run-commands on VM with Azure CLI
- Unable to deploy a python application from az cli
- az cli : create container app via yaml fail due to parsing to json
- Cannot assign Azure Role for cosmos db
- az role assignment delete: The request did not have a subscription or a valid tenant level resource provider
- Search-AzQuery querying authorizationresources returns 0 records
- How do I change from Bring Your Own Certificate to Azure Managed for an App Service?
- Can't create Azure Storage Account: SubscriptionNotFound
- Unable to create container in a Storage account created with endpoint type as AzureDnsZone
- Azure Traffic Manager Endpoint: The following locations specified in the geoMapping property for endpoint are not supported
- How to list and purge deleted Azure Cognitive Services resources in the current subscription with Azure CLI
- az bicep upgrade command giving me a different error wherever the terminal I execute
- Can I set the redirectUris for publicClient or spa from PowerShell?
- Service Principal az cli login failing - NO subscriptions found
- Is there a way to use New-AzMaintenanceConfiguration to also create a dynamic scope?
- JMESPath with numeric value in Azure
- How do I upload a file to Azurite from terminal?
- create Azure Keyvault secret without exposing values
- I cannot extract .sql CREATE TABLEs for each table in my Azure SQL Database in my Azure Repo
- Renew JSON authentication key of Service Principal
- Space separated values; how to provide a value containing a space
- how to clean specific folder when deploying to that folder with 'az webapp deploy'
- AZ CLI query filter on multiple properties using &&
- Bind managed certificate to Custom Domain for Azure Container App with az CLI fails