Today, I had a query from a developer asking how to silent authenticate and fetch the list of available VM’s sizes from a particular region using .NET code. They wanted to fetch this detail from their worker role more precisely. They wanted to call the URI as in this article silent authenticated https://msdn.microsoft.com/en-us/library/azure/mt269440.aspx
On first sight, I thought this as an RDFE endpoint(older portal/SMAPI), but on closer look this turned to be an ARM end point.
How to identify the url is an RDFE/ARM endpoint?
- RDFE end point will be some like this - string uri = @https://management.core.windows.net/xxx-c5bc-4xxxxxd/services/hostedservices/cloudpanther;
- ARM end point - https://management.azure.com/subscriptions/xxxx-cxx-xxxxx/providers/Microsoft.ClassicStorage/osImages?api-version=2016-04-01;
Please note, for RDFE end point we may have to either use certificate based or native client way of authentication.
Since this is an ARM endpoint, we need to follow the service principal way to get the bearer token which is needed for the URI GET call’s.
Perform the following action one by one carefully as in this URL - https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/
Create an Active Directory application
Get client id and authentication key
Get tenant id
Set delegated permissions
Assign application to role
static void Main(string args)
var context = new AuthenticationContext("https://login.microsoftonline.com/+ "your_tenantid");
ClientCredential credential = new ClientCredential("your_client_ID", "your_client_secret");
AuthenticationResult result = context.AcquireToken("https://management.azure.com/", credential);
var token = result.CreateAuthorizationHeader().Substring("Bearer ".Length);
string uri = @"https://management.azure.com/subscriptions/<your_subscription_Id>/providers/Microsoft.Compute/locations/Southeast Asia/vmSizes?api-version=2015-05-01-preview";
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Headers.Add("Authorization:Bearer " + token);
var response = request.GetResponse().GetResponseStream();
var output = new StreamReader(response).ReadToEnd();
P.s:- I have used Adal 220.127.116.115 to avoid async complexities.