question

AddiShalabi-5495 avatar image
0 Votes"
AddiShalabi-5495 asked saldana-msft edited

Getting 403 status code when calling addKey API is saying no permission is needed.

I'm trying to add self signed certificate to an existing servicePrincipals using addKey API, and getting a 403 Forbidden response back.

This is the request body based sent on the docs


{
"keyCredential": {
"type": "AsymmetricX509Cert",
"usage": "Verify",
"key": "MIIRPgIBAzCCEPoGCSqGSIb3DQEHAaCCEOsEghDnMIIQ4zCCCowGCSqGSIb3DQEHAaCCCn0Eggp5MIIKdTCCCnEGCyqGSIb3DQEMCgECoIIJfjCCCXowHAYKKoZIhvcNAQwBAzAOBAgz0SKvHWKSlAICB9AEgglYCqUHSCP637M/UyK6vuc1hx1WRShkXvBLW0CPuzhHICK4DzhWZ98f+PskxpTPt4Uv+xcCSkKxeLeVsu1a4H21cxPL23EtcMC62QttNDOf1fL+aX1LePVUTSb8EnsKa8HmxNs4XY0hJcA2JB4vgemuXOUL+agpp4o5gvkFFT9XEt7ogdhE50wzFD8YWWnEobU6YjPom3jDrAcAeixlM/kmn2c7juywYp3xddyL4VTpSZMkv8eUAEoX4rLi/+ZcWLjFx2j/AlFU4wO5LlsSgYxHSK5O89gsAynDs7cXtAPN58UYF4m3kGHHXgP1FfvcUu4k2BL+lw0bCAyPZGQ4CWVrjyio85doss54KoWi9zjGVUSkEAmVmjVJEb3PDE77H8L32QPvI9fFQnw/Uz389KuExyTv0si67hYyOvO2wpQv2HLUI3QS1wCvN7d4b45nuG2MJlY6bglU3Biz4ZmqqE+4LQmURvvn7vYLtO4O3unK2AoyAwrus/FFSAoqa+B8Qiy17VrSdErlCskyDJyYCEmvU5vdi53mTQdHb1mOUeBi0lwtnFsqUuvpaRPgyMG/ljjHPRpz/ITwv/vYNovwW2yCfwB3dI3D7ouoMN9NFc9+2YQNlPYy522kVoO8ddFlvpV2M26QoeiB+DmGVj/w/17FQ4VzfWcK4FigpdAc9uDRHCniR4CyV9DeVhdNqVNo10XwP1IxMpcHERa2r7/kdHlCqpVaaYvUt6BCMUxFtbm86A86adBaed3QEmzU1DaZ8GRYaUmJb9G6xhTM9Amd7to5GDH28JtQGurUkUgw2E+y37B2Mg52SY6oi77bqdoVv49bnMynad6kdUP9ptajxQYNxfjZSgXKDVhNxR/iq79Zn4cAZIbaKsdpV+H9D/VHYFPCiaZnWR8eoLi+qM245iW56exMXtcOh47KTEKgQ2vV94jtDBOCuf+9UHRIK9vAf3m0lyKvnIX88/O/1DE0ngPnin3rTWz7j1/b5xWlT7CmT0QR7iChc8qV3pLXoptAX1DVYq2/J6SceUNFS39j+AtXr8FBIJgLsL3be2+yihA36vzSB70mC/dlsawXZPpkuAxmwsORNtRPJrE4IYX2vWeY8VbpVDE5wMRp/lBrsQ4hZX9eKX7t1FcDN1HBU9fkn39db3mpVD5IpouEOOixeTUevvoRBf/U8OjvYBv+78MV1iaGkDEH/jarqkEDOJbU/epiuwqZXKzRHeq5YZomExdfz1XqH0RK78tsrad09F6SXna2JfrouYSJmJCAIHndmovpEoR0zs3kjV2MlCEB2wHkpOqDbxXfflleOQvQloAiqM5RqUNLx0irnzGvUhlWOygQQv5/pT1LpTFcCP28bI6HE9ehGIMVakK3oPZrB/82N8PRVODVTpEYtfAuFmolwNsoEv3QgjvthLodemdMWst3o0uV+daIwbxlXa1t+6aG6bZLRAt3RKeUGY9p12chihD4zwp325L1fS0h+K/bPM7sxHXIoHn/7XwIw2N3Cbi1JNx4mmqe9dJmiruawl8DfSokzgSIEN8OXPLAtNaH1U/zaEHp8Zerz/iMm3CZatZYTQ8WZyNZMabn7F1VBWWNJ4FDvngREQ0NLD1t8EbtLYAXyDmWLOg7fhEkt+AH5vdlTa+nrrlBBDEmxdOHuK88GPsIG755fCprUk5HtujrSPPBpi/N/fAr95DcVGj6BUN9VlfHr7hikWgXkoB8kRel1PF9dWRq/MoKzUyV8uNUfGipvfFFpQ1/Tzhl4Dav8ldqBk2XoQaU2bbfiUu5eHf3sduC4JcBL6TmqUc6ggZvc4qZw0rRUKJCGZO2LyuGPQcVfNtN2TUsYNCpxAjcY9FjwexLNCv8M6uDRp196UzYE114Xp+hOzRUjGIis6Imf5aa929jZp/KaT8Kghr9szo16bOQMUIJm8uvXiKKRU4qB00N8W5gZ+OKIarUT6fT3YBak2blOIyzVDJ2uSbdBdqGTja2pzHmVIkUYYLRKREzCxSGUXGmHaeoLXLtBlcMP/ngGtu+XLxhZmHmTcqNamSzw7GOdyuy/9O73GwWbO1hDYZg2DtewFUa6c4IsOJ8eD3TgoeQHOn6Xr2UqC6xyGvtL3X8Z3YeA9K4PdPwcaX2SPVXA5WJVDaLiZG92kIh0jKhi2i558SPv/2d5JqR1oRYzxNVBLsl3NheDZl3YDhiKZkdOvMx1c22YR0fuRQT11bar8F/mfjCWomgpFjycnqWvstK1ZghJ2IhwKZTnjSjbJ9H92Oj1gkwcgWF0SqF72KzgpwkcamIC+MXVl0b9O/c145+Yzrk9S10x4UOvXxrW4f3tiPG0kheT0cOWSFCZyZozZ0KFpsBgJ0lj2l4stF4p87/Bhpm2Iiad6SjVd4gWZUt6zT4OhK8nBci/UvmXjPLYc2W/CNcRv1VQsk15ha7sBS8NxNtbgkJwUOhFVKE3Yh/Elx52ckTHYijK0w6STF6qGBcbj1I5atp3vlt84piCeCw1BQLVNaA5tHfxc0mVumics5DvIADziNaM57O+MbHLyfJ68XDAXaq6/RO+FXHaC+4prQWKjGifE5zT52DyXOOuMVPGXHz44MG6NRuEqb2QBDXadyut+7MX1NZGIFzxAc1yMxGx+JdIc/V/hfl4CG+wkulXErkxaURPqPbGsFEU2t36JFez1pNiv1HIfWHBnehOELVg8erCAv/mb3htL0o4kiPdADNCMlIsuWgSroCdLaNkqtfmfzOd9rFL7frpr3C3kWjvA9jebvaUtx7PkoSEWyJyRfeLqEKH+KGocmvRuEjkhiOTgKaaUJfgjISmYZRFmdUjgRnuFtzGDJPg+kb21e6eGgOlh2n9XIJsFMjg/Lyytrnk8/TFQv0DyNe2AzBHvy3spm+31MCozWaktis52GisYCtj8x04hS0gu4086QHpX2rf7CXa/pypuwD/pVuItW4OWouEa9oIuyd3VxzEoAeD2q9BpI3zVKifzptUY/finBVxclZVO6kfhluaSiWIo2CBrJXhJkLQzluao5m+GHTybKnQNVQblwzo2hZJ5RTl29KXy63s1dVdweY/1c0McICduhh4RQbDxWNWHPxAK8BKNb1+qzKNed5GE2wiEVD2mf6V6t2JEpKU2ZpXs38tARXGvJ98YutIt7s4nVGaL/ZPP65HDqOwKtKaY7sqgy8Jjh1EFl6zzGB3zATBgkqhkiG9w0BCRUxBgQEAQAAADBbBgkqhkiG9w0BCRQxTh5MAHsAMgBEAEEAMwA4ADMAOAAzAC0AMAA2ADYAMwAtADQAQQBEADQALQA4AEMAMQA3AC0ARgA0ADcAQwA4AEQARgA3AEMAMgBFADYAfTBrBgkrBgEEAYI3EQExXh5cAE0AaQBjAHIAbwBzAG8AZgB0ACAARQBuAGgAYQBuAGMAZQBkACAAQwByAHkAcAB0AG8AZwByAGEAcABoAGkAYwAgAFAAcgBvAHYAaQBkAGUAcgAgAHYAMQAuADAwggZPBgkqhkiG9w0BBwagggZAMIIGPAIBADCCBjUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECI5xQahniLSkAgIH0ICCBggdDQ5ZKsNjb01v7cHmzRkktPDVaHoRgeTTZwDRqUJwdkY/xu47ffivTiWiiV4Hmqi0WQnsCg/uFGll6S2lTUVHUB3ixpn9sOWNaD9Cb/5b83dIaKh6+Mk0gs2Aay0jppYc73L631gPMK51Ig+GBY0FoXJ//PifMLmxf6fpMlf6k3e3TiT+gIBmWZWyrNgW1pwdGYU3GLzV2cI1bG2L0opzRI/1P3Xw21rQwEY5F8DH30Xd7Isib/uFMderg84T2Ph77u9RM2eD1ahv+8tlDJRCRskUoNm2mYI2IwdSGhLOUocYyYvw5DKHuFzVC46L1iru2GawZGdqa/ZrJaAoiwpZ5C1nuJbvij7qt5feJv3iAIhLZx2LfA2YOpxQemnPyZi1Pq6wDq8PpPeh0Nt5a1k3ZXahoQw4k9pwthpWLBllvkGrDXGLjcwAbS/F+oZbGO6B+vtaj4+4sNNga+5ZLgiqNkn+HNQ6PyMsanBQYv5GaNBrGfJAwkkFb3akQnArLdZC7pi+d+J+bTQF1giGiHPIdN2tiDw/ziLDR8L92OaxDSBMGW6jIt1DeNDm1+PbgTVMU2uPWx9fgiERprNqSGlA4UWrSsnlWMCgvqRyOXliC7obDjiSIRAzB7mYC1yLZlf4dI5mkxO4aRZbCq1xGngwaD5U58pUuOmTtdxhGC3jnPDz7Vt2LS4aKlpudUWyxDC+KSXK3y1d7nQaB5zv7a3e9LQQi4emgiFiFo6yp+KcN/y/V3j1V2JcfN9jQ3DoszDPE7rWbVe6ISo+vaMq1VYdesAw40cIxbodCgm+W0hxn0kmmRDTJ0Aule8I22bb4nW2006kxMqzmSaasioF+1iiL/BafR8CJyRcvaXXYM5rO8acDqxj80NztWveNpPnqkFRLfPFQ8AKwV74xe0zQbmQhqVfZw7zJsRWxLkOQTI3FaXuLKCqdd6D98BlzYYJid7y2VuiUlXI0v8h25Z26MJiCOy4k+FZcyFu8/gXffEvNNHWg4qef2+mQLHDoqfA43yP+X0eezVYKpJDcK9k941AR2m4V+TZWoJYRwi+j/DYYGfQ8m4XETV+BU4b8R+DjQrpi1hz7L3FeGpaHC3YvphDLJoteEUrI7x2rgx7fZTkRD2HZvDcd7sl9m9R/YczyPlqb0rEjrMd3D2oxXonlg5RTm95/SjgH/mjia+vNYS2qUjiB5k/aA4U7L/EKgo0YUm+yF5uHd0Yl/ZNakhhrdXR6pE4kT5Pu5m/HVmQkff0L7cNyulYRjwdWpsM0FZejkXz2l5MPpdb2vYaDRRNw8iOBajzJ+cXW98bOQd7d5f+XMfqihWKmRHEX4kvZau/r2oLw9dIA8VW9QJLUqoZKU0HnjVN9t2uA2p3kqrN1outQ9HEu1bTIiKs0P3fTQKhBOTobGVnsf0kXYVklx6HdKqTxE3T5fYzAV9wwkiAzoox9l9XMuYTSHkOw8BWY8mCcDcf3FJiVZNdtLfxlCEpfE6T4Ta5Fb6nALrrEwoF6+cJWjV4erwMxes3KgDO+rGTbDyNsQ6qfgOaN9dk1xZ7lK+PPcYtoMxdyfo4ognIva2ZQ73wet5MdvtJK/Q53Ldyrz29UQRLdyZyH71Nj7+mP385d8jW4AOym2tX9qR/3nG8I56L9dXpaTL1vH/kO1NfLMXpkcXoj7OMEOxaJnAqFM+muZpNseZhKg7yvcTIG5CvcUqEHlkYhzJ6tTAKZWryhYz/5MjXaRnFqSyDUvlRFfgOBzW9JueH1qfIW9UVPT1FR8RkvAEp7tuMeSyiywEKhCwbNnyj7wr6HHS796wnvqavX13QydzyH4qkuHcfj1VorocU3Bs+onW2IvF1uzC/s9AkY+Z4fia11q/ntO+pqzCuAy28C6ezc1C+HmJ+rVyUbzpKwvNBXGX2pWcQoY8N/QkLWvVx7N0iUDp4hwSPQR6INXdGyVaR4E9lzmhF37djERC9wqV+z7vOsMb0lDQ9ih1zrBohtU1S43Hjf1lkTkxh4NLjIjLSGwJu/OrFBY6M+3FbXQ2V0mGl9sAVGDdJP6uCawzNzhUfxjA7MB8wBwYFKw4DAhoEFHbCcMHgc8qCLj8qrPj/B5m2Mh59BBSkXBsRwElxkjwks41VUAnVmUy/LwICB9A="
},
"passwordCredential": null,
"proof":"r8gGmMNand9swlfj3UK9W1EDYUIMUdQX4gEmnGO7jNVwUK29SIc26o-mBQHoC9vJ0rmzPK1y9cPAgHGYbS6m9Z-ylN7BacKBkz_aJEYMHfmPi8vh2xnKDYLMiziZABLsiZr8kb59IGQnto-rdimUEpdeM91uR7iFgVRvaVWD982WW6kk-b6kb6dmvOfwZdCSUyO1qdukA7Av4WdEMzNX0UPp8q69m9B-6yUAd7s8dEuhtAKxMMY9habDptG-bmC_hDbTUTOiE3sQRLNVDiuE6R5eUyQGqlGawp1EgaDqcx8t3ejlixkcm2NHAveyYVmKQ7wWacvfwfzxpQ5hxszlxPpQQ4O58XFOcdM2XycYf2Pz-gpyxnwDlPcJh9N_m6V47Q2XAlCKh7wolQd-eX1NWJ0tjEIDj0b4tH7jOET5ZxdCKOX-VnMjTB6Ux0ytUoJRMKFKry7-9oDyuSFBMR6--2l92p_UHzVvt6rUNAd4qyYHtdBIFZgq-jYyOdOf_4ZSqNsK09EsqfcxSRfyw4Bw-qVFBmSSXvGB0Jb6W0UbRd4wivX6BVwOo6qgvzbHWTDspG24unPdlZ91XnuxAlJXku3sstiLCtBrwBznj8JoFA9_nE7vid27f3PYEvPU24eCEoJK7mcQXc039G_wFuPdepu9reBjq4I_8FifHd8_zpE"
}
=======================================================================================

125094-image.png


microsoft-graph-identitymicrosoft-graph-applications
image.png (82.5 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

CarlZhao-MSFT avatar image
0 Votes"
CarlZhao-MSFT answered CarlZhao-MSFT commented
  1. According to the official doc, make sure that your application has been added with a certificate, and the certificate has not expired.

  2. You must use a self-signed JWT token to access the API, in which case you need to use the client credential flow to obtain the token.




· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Would you please provide us with an update on the status of your issue?

0 Votes 0 ·