can't connect to Azure China SignalR using AAD
MeihuaWang opened this issue · comments
Describe the bug
we can connect to Azure China SignalR using the access key connection string, but failed to connect to Azure China SignalR using AAD, tried AuthType=azure and AuthType=azure.app by following https://learn.microsoft.com/en-us/azure/azure-signalr/concept-connection-string#use-microsoft-entra-id , we knew we needed to change authority host when connecting to Azure China services using azure SDKs, but we didn't find out where we can configure the authority host from AddAzureSignalR() method, could you pls offer the way to change the authority host to be Azure China? thank you.
To Reproduce
builder.Services.AddSignalR().AddAzureSignalR("Endpoint=https://XXX.signalr.azure.cn;AuthType=azure.app;ClientId=XXXClientSecret=XXX;TenantId=b388b808-0ec9-4a09-a414-a7cbbd8b7e9b;Version=1.0;");
fully followed https://learn.microsoft.com/en-us/azure/azure-signalr/signalr-quickstart-dotnet-core
Exceptions (if any)
Further technical details
Microsoft.Azure.SignalR 1.22.0
net6.0
even when we updated the AuthorityHost to AzureAuthorityHosts.AzureChina like below, we still see the same error with "error_uri":"https://login.microsoftonline.com/error?code=90002", the error uri is pointing to global endpoint, which doesn't make sense.
builder.Services.AddSignalR().AddAzureSignalR(option =>
{
var credential1 = new ClientSecretCredential("tenantID", "clientID", "clientsecret", new ClientSecretCredentialOptions() { AuthorityHost = AzureAuthorityHosts.AzureChina });
ServiceEndpoint end = new ServiceEndpoint(new Uri("https://XXX.signalr.azure.cn"), credential1);
option.Endpoints = new ServiceEndpoint[]
{
end,
};
});
Connection string is not supported in sovereign regions when using Microsoft Entra ID (AAD) authorization.
var credentialOptions = new DefaultAzureCredentialOptions()
{
AuthorityHost = AzureAuthorityHosts.AzureChina,
};
option.Endpoints = new ServiceEndpoint[] {
new ServiceEndpoint(new Uri("https://<hostname>"), new DefaultAzureCredential(credentialOptions))
};
Please follow this sample to change your AuthorityHost
to AzureChina.
Try running this command before you start your service if the previous code does not work.
dotnet user-secrets remove Azure:SignalR:ConnectionString
This command will remove ConnectionString
in your env variables.
Try running this command before you start your service if the previous code does not work.
dotnet user-secrets remove Azure:SignalR:ConnectionStringThis command will remove
ConnectionString
in your env variables.
it's working now after I removed ConnectionString from appsettings.json, thank you very much