Unable to connect to Azure SQL using azure directory password authentication.

Question

Unable to connect to Azure SQL using azure directory password authentication.

sunnyverma88 opened this issue a year ago · comments

The app is using the latest version of tedious 16.4.0, trying to connect to Azure SQL, and getting the below error. Any recommendations on resolving this issue? Error Message: Security Token could not be authenticated or authorized. CODE EFEDAUTH

Michael Sun · Answer 1 · Wed Jul 26 2023 02:11:08 GMT+0800 (China Standard Time)

Hi @sunnyverma88, can you share with us your connection configuration as a start?

Michael Sun · Answer 2 · Thu Jul 27 2023 06:02:16 GMT+0800 (China Standard Time)

Hi @sunnyverma88, just want to double check with you, did you guys remove the content for scopes and gettokenoptions from the error log that shared me this morning via teams chat or they are never there? If you do get a valid gettokenoptions object returned in the error, there should be a 'authority' entity within it, and it reviews the auth-endpoint. The content of it should be constructed as authorityHostUrl/tenantId. You can verify whether the correct tenantId is used here.

AggregateError at C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2679:31 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) { [errors]: [ ConnectionError: Security token could not be authenticated or authorized. at C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2679:62 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) { code: 'EFEDAUTH', isTransient: undefined }, AuthenticationRequiredError: invalid_request: 9001023 - [2023-07-26 16:48:54Z]: AADSTS9001023: The grant type is not supported over the /common or /consumers endpoints. Please use the /organizations or tenant-specific endpoint. Trace ID: 2580b7aa-9cdb-4d55-9f96-f69e984c2b00 Correlation ID: 06a6c8f2-f062-418d-8fdd-d17bd2ce3cec Timestamp: 2023-07-26 16:48:54Z - Correlation ID: 06a6c8f2-f062-418d-8fdd-d17bd2ce3cec - Trace ID: 2580b7aa-9cdb-4d55-9f96-f69e984c2b00 at MsalUsernamePassword.handleError (C:\dev\training\sql-node-test\node_modules\@azure\identity\dist\index.js:715:16) at MsalUsernamePassword.doGetToken (C:\dev\training\sql-node-test\node_modules\@azure\identity\dist\index.js:2030:24) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async Object.withSpan (C:\dev\training\sql-node-test\node_modules\@azure\core-tracing\dist\index.js:140:28) at async C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2677:29 { scopes: [Array], getTokenOptions: [Object] } ] }