question

afdelacruz-2091 avatar image
0 Votes"
afdelacruz-2091 asked AshokPeddakotla-MSFT commented

Replicating Tutorial to Build out End-to-End Solution and am unable to authenticate using ManagedIdentityCredential

I have followed every step of this tutorial: [tutorial-end-to-end]

However, when I try and create the building scenario using the command, SetupBuildingScenario, I am unable to authenticate because of an error with ManagedIdentityCredentials. I feel like I am supposed to be using DefaultAzureCredential but it is defaulting to the other method. I have tried switching the version of Azure.Identity from 1.3 to1.2.3 but still nothing has worked. I am attaching the error log below.
103995-image.png


azure-digital-twins
image.png (224.6 KiB)
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@afdelacruz-2091 Welcome to Microsoft Q&A forum! Could you please share the documentation link which you are following again?
Also, please go through the Known issues in Azure Digital Twins and let us know if it helps to identify and resolve the issue.


0 Votes 0 ·

@afdelacruz-2091 Did you get a chance to see below suggestions? Do let us know if you need further help.

If the response is helpful, please click "Accept Answer" and upvote it.

0 Votes 0 ·
afdelacruz-2091 avatar image
1 Vote"
afdelacruz-2091 answered AshokPeddakotla-MSFT commented

I was able to solve the issue. After figuring out the order that DefaultAzureCredential attempted to authenticate, I excluded attempts to ManagedIdentityCredential and SharedTokenCacheCredential. This looked like:
var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions { ExcludeManagedIdentityCredential = true, ExcludeSharedTokenCacheCredential= true })

Now I am able to replicate the tutorial!

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@afdelacruz-2091 Glad to hear that your issue is resolved. Appreciate for sharing the root cause. It will definitely help community with similar issues.

0 Votes 0 ·
AshokPeddakotla-MSFT avatar image
0 Votes"
AshokPeddakotla-MSFT answered afdelacruz-2091 published

@afdelacruz-2091 Thanks for the details. I have followed the documentation as is and able to complete it successfully.

105353-image.png

105354-image.png

I would suggest you, please recheck Set up local Azure credentials again and see if you are missing any steps.

Also, please ensure to assign the Azure Digital Twins Data Owner role using the access control options in Azure Identity Management(IAM).

First see if you have the correct role assignment by checking access.

Goto your ADT -> Access Control -> Check access

105323-image.png

If not, please follow the steps Assign the role using Azure Identity Management (IAM) and verify the role assignment success.

Hope this helps to resolve your issue. Please let me know if you need any further help.

If an answer is helpful, please "Accept answer" or "Up-Vote" for the same which might be beneficial to other community members reading this thread.


image.png (152.1 KiB)
image.png (71.9 KiB)
image.png (84.8 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, I had a couple questions about Identity Management. I created my azure instance with a gmail account. When I look at the IAM of the Digital Twin Instance, the owner of the account does not match my email address. It is some extension of my original email address, i.e. if the email address used to create the instance was drew@gmail.com, the owner of the instance is drew_gmail.com#EXT#drewgmail.onmicrosoft.com. Will this affect my verification? Since I am signed in on Virtual Studio under the original email (drew@gmail.com) used to create the instance?

I also have an company outlook email that I can use to sign in on Virtual Studio. I added that profile as an owner of the instance, signed in using the az login command. Then, I tried to rerun the command SetupBuildingScenario but was still met with the same error within ManagedIdentityCredential

0 Votes 0 ·