question

PaulKaplan-7682 avatar image
0 Votes"
PaulKaplan-7682 asked SaurabhSharma-msft edited

401 Unauthorized calling my Rest API

I have a Rest API using controllers, etc, hosted in Azure that has been working for some time. I want to secure the various methods. I believe I'm initializing everything in startup.cs OK. I added [Authorize] to one of the methods. I used a simple javascript example which calls myMSALObj.loginPopup, and gets back a token which I then add to the Authorization header and make a fetch call. When I call, I see HTTP Error 401.0 - Unauthorized in the log stream for my App Service.

Any ideas how I can troubleshoot this to get more specifics about what is wrong?

Also, a related question: in App Registrations, Api Permissions, how does one correlate the API permission name with the method in the controller?

azure-ad-app-registration
· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just added this in front of controller method:

   [AuthorizeForScopes(Scopes = new[] { "My.Method" })]
0 Votes 0 ·

@paulkaplan-7682 Is your issue resolved now ?

0 Votes 0 ·

Unfortunately not.

0 Votes 0 ·
Show more comments

Hi @paulkaplan-7682,

Thanks for using Microsoft Q&A !! Are you using ASP.NET Core with Micorsoft.Identity.Web ? It would be helpful if you could please share your code snippet how are you getting the token and calling the API.

Thanks
Saurabh

0 Votes 0 ·

0 Answers