Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New-AzApiManagementSubscription doesn't work when scoped to API #26997

Open
taylorbutcher opened this issue Jan 10, 2025 · 6 comments
Open

New-AzApiManagementSubscription doesn't work when scoped to API #26997

taylorbutcher opened this issue Jan 10, 2025 · 6 comments
Labels
API Management bug This issue requires a change to an existing behavior in the product in order to be resolved. customer-reported Service Attention This issue is responsible by Azure service team.

Comments

@taylorbutcher
Copy link

taylorbutcher commented Jan 10, 2025
edited
Loading

Description

Hi all,

A few others and I have been discussing this issue in detail in this thread here.

Please let me know if there is any other information needed.

Issue script & Debug output

$DebugPreference = "Continue"
PS C:\Windows\System32> Set-AzContext -SubscriptionId "obfuscated"
>>
>> $apimContext = New-AzApiManagementContext -ResourceGroupName "rg-obfuscated-it-sandbox-app-eastus-001" -ServiceName "apim-obfuscated-it-sandbox-eastus-001"
>>
>> New-AzApiManagementSubscription -Context $apimContext -Name "sub-app-obfuscated-ecb-eastus-005" -Scope "/apis/app-obfuscated-ecb-eastus-001" -UserId "1"
>>
DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:03 AM - SetAzureRMContextCommand begin processing with ParameterSet 'Subscription'.
DEBUG: 8:59:03 AM - using account id '[email protected]'...
DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:03 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 8:59:03 AM - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 8:59:03 AM - Using Autosave scope 'CurrentUser'
DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:03 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'obfuscated', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'[email protected]'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [RuntimeBroker] ListWindowsWorkAndSchoolAccounts option was not enabled.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - 02ff2855-dacb-49a9-94e1-392dbb6485e0] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] Returning 1 accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] MSAL MSAL.CoreCLR with assembly version '4.65.0.0'. CorrelationId(obfuscated)
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] LoginHint provided: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Account provided: True
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] ForceRefresh: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - True
HomeAccountId - False
CorrelationId - obfuscated
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Broker is configured and enabled, attempting to use broker instead.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Can invoke broker. Will attempt to acquire token with broker.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0001]    WARNING  SetAuthorityUri:78      Initializing authority from URI 'https://login.microsoftonline.com/obfuscated/' without authority type, defaulting to MsSts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:422    Printing Telemetry for Correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: start_time, Value: 2025-01-10T14:59:03.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: api_name, Value: ReadAccountById
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: authority_type, Value: Unknown
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: correlation_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: broker_app_used, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: stop_time, Value: 2025-01-10T14:59:03.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: is_successful, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     LogTelemetryData:430    Key: request_duration, Value: 0
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     SetCorrelationId:258    Set correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     EnqueueBackgroundRequest:1000   The original authority is 'https://login.microsoftonline.com/obfuscated'
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     ModifyAndValidateAuthParameters:219     Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    INFO     ModifyAndValidateAuthParameters:243     Authority Realm: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0008]    WARNING  TryEnqueueMsaDeviceCredentialAcquisitionAndContinue:1052        MsaDeviceOperationProvider is not available. Not attempting to register the device.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     StorageTokenResponse:84 StorageTokenResponse account constructor invoked. This is only expected in Runtime flows
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:422    Printing Telemetry for Correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: start_time, Value: 2025-01-10T14:59:03.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_name, Value: AcquireTokenSilently
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: authority_type, Value: AAD
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: access_token_expiry_time, Value: 2025-01-10T16:04:42.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: read_token, Value: ID|AT
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: client_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: correlation_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: broker_app_used, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: stop_time, Value: 2025-01-10T14:59:03.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: original_authority, Value: https://login.microsoftonline.com/obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: request_eligible_for_broker, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: additional_query_parameters_count, Value: 1
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: storage_read, Value: DAC|DAT|DID
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: auth_flow, Value: AT
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: is_successful, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: authorization_type, Value: WindowsIntegratedAuth
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: request_duration, Value: 10
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:435    Printing Execution Flow:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [MSAL:0003]    INFO     LogTelemetryData:443    {"t":"4s7uc","tid":8,"ts":0,"l":2},{"t":"4sufd","tid":8,"ts":0,"s":2,"l":2},{"t":"4swgg","tid":8,"ts":0,"s":6,"l":2},{"t":"4swgf","tid":8,"ts":0,"s":1,"l":2},{"t":"4swgi","tid":3,"ts":0,"s":6,"l":2},{"t":"8b2yn","tid":3,"ts":0,"l":2},{"t":"8dqkx","tid":3,"ts":0,"l":2},{"t":"8dqik","tid":3,"ts":0,"l":2},{"t":"4q2di","tid":3,"ts":0,"l":2},{"t":"4qnng","tid":3,"ts":0,"l":2,"a":2,"ie":0},{"t":"4qnnf","tid":3,"ts":4,"l":2,"a":2,"ie":1},{"t":"8dqit","tid":3,"ts":4,"l":2},{"t":"8b2ht","tid":3,"ts":4,"l":2},{"t":"4qnno","tid":3,"ts":4,"l":2,"a":2,"ie":0},{"t":"4qnnn","tid":3,"ts":10,"l":2,"a":2,"ie":1},{"t":"6xuag","tid":3,"ts":10,"l":2}
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z] [RuntimeBroker] WAM response status success
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Checking MsalTokenResponse returned from broker.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Success. Response contains an access token.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Checking client info returned from the server..
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Saving token response to cache..
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] [CalculateSuggestedCacheExpiry] No access tokens or refresh tokens found in the accessor. Not returning any expiration.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated]  AT expiration time: 1/10/2025 4:04:41 PM +00:00, scopes: https://management.core.windows.net//.default https://management.core.windows.net//user_impersonation. source: Broker
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:03Z - obfuscated] Fetched access token from host login.microsoftonline.com.
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2025-01-10T16:04:41.7281407+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/tenants?api-version=2021-01-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : obfuscated

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 249
x-ms-request-id               : 8941c46a-0ca8-4faa-9092-4282eb038227
x-ms-correlation-request-id   : 8941c46a-0ca8-4faa-9092-4282eb038227
x-ms-routing-request-id       : SOUTHCENTRALUS:20250110T145903Z:8941c46a-0ca8-4faa-9092-4282eb038227
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
X-Cache                       : CONFIG_NOCACHE
X-MSEdge-Ref                  : Ref A: D19049E462C949B6AE149F2C5CBEF802 Ref B: SN4AA2022302023 Ref C: 2025-01-10T14:59:03Z
Date                          : Fri, 10 Jan 2025 14:59:03 GMT

Body:
{
  "value": [
    {
      "id": "/tenants/obfuscated",
      "tenantId": "obfuscated",
      "countryCode": "US",
      "displayName": "obfuscated LMS",
      "domains": [
        "obfuscated.com"
      ],
      "tenantCategory": "Home",
      "defaultDomain": "obfuscated.com",
      "tenantType": "AAD"
    },
    {
      "id": "/tenants/obfuscated",
      "tenantId": "obfuscated",
      "countryCode": "US",
      "displayName": "obfuscated",
      "domains": [
        "obfuscated.com"
      ],
      "tenantCategory": "Home",
      "defaultDomain": "obfuscated.com",
      "tenantType": "AAD"
    },
    {
      "id": "/tenants/obfuscated",
      "tenantId": "obfuscated",
      "countryCode": "CA",
      "displayName": "obfuscated",
      "domains": [
        "obfuscated.ca"
      ],
      "tenantCategory": "Home",
      "defaultDomain": "disks.onmicrosoft.com",
      "tenantType": "AAD"
    }
  ]
}


DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 8:59:03 AM - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:03 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'obfuscated', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'[email protected]'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [RuntimeBroker] ListWindowsWorkAndSchoolAccounts option was not enabled.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - 13789221-275f-4077-bf59-d2e0294bf963] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] Returning 1 accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] MSAL MSAL.CoreCLR with assembly version '4.65.0.0'. CorrelationId(obfuscated)
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] LoginHint provided: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] Account provided: True
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] ForceRefresh: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - True
HomeAccountId - False
CorrelationId - obfuscated
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] Broker is configured and enabled, attempting to use broker instead.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] Can invoke broker. Will attempt to acquire token with broker.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0001]    WARNING  SetAuthorityUri:78      Initializing authority from URI 'https://login.microsoftonline.com/obfuscated/' without authority type, defaulting to MsSts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:422    Printing Telemetry for Correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: start_time, Value: 2025-01-10T14:59:04.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: api_name, Value: ReadAccountById
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: authority_type, Value: Unknown
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: correlation_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: broker_app_used, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: stop_time, Value: 2025-01-10T14:59:04.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: is_successful, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     LogTelemetryData:430    Key: request_duration, Value: 0
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     SetCorrelationId:258    Set correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     EnqueueBackgroundRequest:1000   The original authority is 'https://login.microsoftonline.com/obfuscated'
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     ModifyAndValidateAuthParameters:219     Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    INFO     ModifyAndValidateAuthParameters:243     Authority Realm: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0009]    WARNING  TryEnqueueMsaDeviceCredentialAcquisitionAndContinue:1052        MsaDeviceOperationProvider is not available. Not attempting to register the device.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     StorageTokenResponse:84 StorageTokenResponse account constructor invoked. This is only expected in Runtime flows
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    WARNING  StorageTokenResponse:15 No credentials found in the cache
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    WARNING  DiscardAccessAndIdTokensIfUnusable:789  No id token found in the cache
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    WARNING  DiscardAccessAndIdTokensIfUnusable:808  No access token found in the cache
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    WARNING  StorageTokenResponse:15 No credentials found in the cache
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    WARNING  GetPlatformPropertiesFromStorage:2013   No account found in cache.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    ERROR    ErrorInternalImpl:134   Created an error: 7rhah, StatusInternal::InteractionRequired, InternalEvent::None, Error Code 3399614476, Context '(pii)'
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:422    Printing Telemetry for Correlation ID: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: start_time, Value: 2025-01-10T14:59:04.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_name, Value: AcquireTokenSilently
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: authority_type, Value: AAD
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_status_code, Value: StatusInternal::InteractionRequired
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: client_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: correlation_id, Value: obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: broker_app_used, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: stop_time, Value: 2025-01-10T14:59:04.000Z
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: all_error_tags, Value: 7rhah|7rhah
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: original_authority, Value: https://login.microsoftonline.com/obfuscated
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: request_eligible_for_broker, Value: true
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: additional_query_parameters_count, Value: 1
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: storage_read, Value: DAC|DAMD
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: is_successful, Value: false
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: wam_telemetry, Value: {"x_ms_clitelem":"1,500212,0,1930931.3575,","ui_visible":false,"server_error_code":500212,"scope":"https://management.core.windows.net//.default offline_access openid profile","redirect_uri":"ms-appx-web://Microsoft.AAD.BrokerPlugin/obfuscated","provider_id":"https://login.windows.net","oauth_error_code":"interaction_required","http_status":400,"http_event_count":2,"http_content_type":"application/json; charset=utf-8","http_content_size":563,"device_join":"haadj","correlation_id":"{7ceccdec-fa62-445e-a1fb-e9c3a681004c}","client_id":"obfuscated","ccs_failover_v2":"1.P","cache_event_count":0,"broker_version":"10.0.26100.2454","authority":"https://login.microsoftonline.com/obfuscated","api_error_code":-895352820,"account_join_on_start":"primary","account_join_on_end":"primary","silent_code":0,"silent_bi_sub_code":0,"silent_message":"","silent_status":0,"is_cached":1}
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: auth_flow, Value: Broker
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: broker_error_location, Value: 7rhah
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_error_code, Value: 3399614476
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_error_tag, Value: 7rhah
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: api_error_context, Value: (pii)
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: authorization_type, Value: WindowsIntegratedAuth
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:430    Key: request_duration, Value: 36
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:435    Printing Execution Flow:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [MSAL:0003]    INFO     LogTelemetryData:443    {"t":"4s7uc","tid":9,"ts":0,"l":2},{"t":"4sufd","tid":9,"ts":0,"s":2,"l":2},{"t":"4swgg","tid":9,"ts":0,"s":7,"l":2},{"t":"4swgf","tid":9,"ts":0,"s":1,"l":2},{"t":"4swgi","tid":3,"ts":0,"s":7,"l":2},{"t":"8b2yn","tid":3,"ts":0,"l":2},{"t":"8dqkx","tid":3,"ts":0,"l":2},{"t":"8dqik","tid":3,"ts":0,"l":2},{"t":"4q2di","tid":3,"ts":0,"l":2},{"t":"4qnng","tid":3,"ts":0,"l":2,"a":2,"ie":0},{"t":"4qnnf","tid":3,"ts":3,"l":2,"a":2,"ie":1},{"t":"8dqit","tid":3,"ts":3,"l":2},{"t":"8b2ht","tid":3,"ts":3,"l":2},{"t":"4qnno","tid":3,"ts":3,"l":2,"a":2,"ie":0},{"t":"4qnnn","tid":3,"ts":4,"l":2,"a":2,"ie":1},{"t":"8dqiq","tid":3,"ts":4,"l":2},{"t":"8dqir","tid":3,"ts":4,"l":2},{"t":"4qwi1","tid":3,"ts":4,"l":2},{"t":"4qnna","tid":3,"ts":4,"l":2,"a":2,"ie":0},{"t":"4qnm9","tid":3,"ts":4,"l":2,"a":2,"ie":1},{"t":"8dqin","tid":3,"ts":4,"l":2},{"t":"4qnno","tid":3,"ts":4,"l":2,"a":2,"ie":0},{"t":"4qnnn","tid":3,"ts":4,"l":2,"a":2,"ie":1},{"t":"8b2hu","tid":3,"ts":4,"l":2},{"t":"5b8fg","tid":3,"ts":14,"l":2},{"t":"8dqk0","tid":3,"ts":14,"l":2},{"t":"4qnng","tid":3,"ts":14,"l":2,"a":2,"ie":0},{"t":"4qnnf","tid":3,"ts":14,"l":2,"a":2,"ie":1},{"t":"8dqjd","tid":3,"ts":14,"l":2},{"t":"694nj","tid":3,"ts":14,"l":2,"a":10,"ie":0},{"t":"4vw1f","tid":3,"ts":14,"l":2},{"t":"4wqnh","tid":3,"ts":15,"l":2},{"t":"4vw1c","tid":3,"ts":17,"l":2},{"t":"4vw1b","tid":3,"ts":17,"l":2},{"t":"4wqnk","tid":3,"ts":17,"l":2},{"t":"6omfm","tid":3,"ts":21,"l":2},{"t":"4vw1a","tid":3,"ts":21,"l":2},{"t":"4wqnf","tid":3,"ts":21,"l":2},{"t":"4wqm5","tid":3,"ts":29,"l":2},{"t":"4wqm6","tid":3,"ts":29,"l":2},{"t":"4u9jc","tid":3,"ts":36,"l":2},{"t":"58yep","tid":3,"ts":36,"l":2},{"t":"694nk","tid":3,"ts":36,"l":2,"a":10,"ie":1},{"t":"8dqk1","tid":3,"ts":36,"l":2},{"t":"646u1","tid":3,"ts":36,"l":2}
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [RuntimeBroker] Could not acquire token silently. Status: InteractionRequired
Error: 0xcaa2000c
Context: (pii)
Tag: 0x21447007
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [RuntimeBroker] Processing WAM exception
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [RuntimeBroker] failed_to_acquire_token_silently_from_broker WAM Error
 Error Code: 3399614476
 Error Message: (pii)
 Internal Error Code: 558133255

DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] Exception type: Microsoft.Identity.Client.MsalUiRequiredException
, ErrorCode: failed_to_acquire_token_silently_from_broker
HTTP StatusCode 0
CorrelationId obfuscated
To see full exception details, enable PII Logging. See https://aka.ms/msal-net-logging
   at Microsoft.Identity.Client.Internal.Requests.Silent.SilentRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.<>c__DisplayClass11_1.<<RunAsync>b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Identity.Client.Utils.StopwatchService.MeasureCodeBlockAsync(Func`1 codeBlock)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)

DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user obfuscated@obfuscated.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.
 ---> Microsoft.Identity.Client.MsalUiRequiredException (0x80131500): WAM Error
 Error Code: 3399614476
 Error Message: (pii)
 Internal Error Code: 558133255

WARNING: Unable to acquire token for tenant '' with error 'Authentication failed against tenant obfuscated. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). If you need to access subscriptions in that tenant, please rerun 'Connect-AzAccount' with additional parameter '-TenantId obfuscated'.'
DEBUG: 8:59:04 AM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 8:59:04 AM - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:04 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'obfuscated', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'[email protected]'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] [RuntimeBroker] ListWindowsWorkAndSchoolAccounts option was not enabled.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - 8df9b58b-a59b-40a3-bed2-ace9307d1a62] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z] Returning 1 accounts
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] MSAL MSAL.CoreCLR with assembly version '4.65.0.0'. CorrelationId(obfuscated)
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] LoginHint provided: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] Account provided: True
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] ForceRefresh: False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - True
HomeAccountId - False
CorrelationId - obfuscated
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 8.0.10 Microsoft Windows 10.0.26100 [2025-01-10 14:59:04Z - obfuscated] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions/obfuscated?api-version=2021-01-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : obfuscated

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-subscription-reads: 249
x-ms-ratelimit-remaining-subscription-global-reads: 3749
x-ms-request-id               : obfuscated
x-ms-correlation-request-id   : obfuscated
x-ms-routing-request-id       : SOUTHCENTRALUS:20250110T145904Z:obfuscated
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
X-Cache                       : CONFIG_NOCACHE
X-MSEdge-Ref                  : Ref A: obfuscated Ref B: obfuscated Ref C: 2025-01-10T14:59:04Z
Date                          : Fri, 10 Jan 2025 14:59:03 GMT

Body:
{
  "id": "/subscriptions/obfuscated",
  "authorizationSource": "RoleBased",
  "managedByTenants": [
    {
      "tenantId": "obfuscated"
    }
  ],
  "subscriptionId": "obfuscated",
  "tenantId": "obfuscated",
  "displayName": "obfuscated IT Sandbox EastUS",
  "state": "Enabled",
  "subscriptionPolicies": {
    "locationPlacementId": "Public_2014-09-01",
    "quotaId": "obfuscated",
    "spendingLimit": "Off"
  }
}

HTTP Method:
PUT

Absolute Uri:
https://management.azure.com/subscriptions/obfuscated/resourceGroups/rg-obfuscated-it-sandbox-app-eastus-001/providers/Microsoft.ApiManagement/service/apim-obfuscated-it-sandbox-eastus-001/subscriptions/obfuscated?api-version=2021-08-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : obfuscated

Body:
{
  "properties": {
    "ownerId": "/users/1",
    "scope": "sub-app-obfuscated-ecb-eastus-005"
  }
}


DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
x-ms-request-id               : obfuscated
x-ms-ratelimit-remaining-subscription-writes: 199
x-ms-ratelimit-remaining-subscription-global-writes: 2999
x-ms-correlation-request-id   : obfuscated
x-ms-routing-request-id       : SOUTHCENTRALUS:obfuscated:obfuscated
X-Cache                       : CONFIG_NOCACHE
X-MSEdge-Ref                  : Ref A:  Ref B: Ref C:
Date                          : Fri, 10 Jan 2025 14:59:05 GMT

Body:
{
  "error": {
    "code": "ValidationError",
    "message": "One or more fields contain incorrect values:",
    "details": [
      {
        "code": "ValidationError",
        "target": "scope",
        "message": "Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}'"
      }
    ]
  }
}


DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [EnableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
   Tenant: obfuscated LMS (obfuscated)

SubscriptionName          SubscriptionId                       Account                 Environment
----------------          --------------                       -------                 -----------
obfuscated IT Sandbox EastUS obfuscated obfuscated@obfuscated.com AzureCloud
New-AzApiManagementSubscription:
Line |
   5 |  New-AzApiManagementSubscription -Context $apimContext -Name "sub-app- …
     |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     |
Error Code: ValidationError
Error Message: One or more fields contain incorrect values:
Request Id: obfuscated
Error Details:
        [Code= ValidationError, Message= Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}', Target= scope]
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.ApiManagement:4.0.5; CommandName: New-AzApiManagementSubscription; PSVersion: 7.4.6; IsSuccess: False; Duration: 00:00:00.5904675; SanitizeDuration: 00:00:00; Exception:
Error Code: ValidationError
Error Message: One or more fields contain incorrect values:
Request Id: obfuscated
Error Details:
        [Code= ValidationError, Message= Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}', Target= scope]
;
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:05 AM - NewAzureApiManagementSubscription end processing.

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.6
PSEdition                      Core
GitCommitId                    7.4.6
OS                             Microsoft Windows 10.0.26100
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     4.0.0                 Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     4.0.5                 Az.ApiManagement                    {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-AzApiManagementProductToGroup, Add-AzApiManagementRegion…}

Error output

Error Code: ValidationError
Error Message: One or more fields contain incorrect values:
Request Id: obfuscated
Error Details:
[Code= ValidationError, Message= Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}', Target= scope]
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 8:59:05 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.ApiManagement:4.0.5; CommandName: New-AzApiManagementSubscription; PSVersion: 7.4.6; IsSuccess: False; Duration: 00:00:00.5904675; SanitizeDuration: 00:00:00; Exception:
Error Code: ValidationError
Error Message: One or more fields contain incorrect values:
Request Id: obfuscated
Error Details:
[Code= ValidationError, Message= Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}', Target= scope]
;


      		
    

      
  





        

            


            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @taylorbutcher
taylorbutcher




            added
      

  bug

  This issue requires a change to an existing behavior in the product in order to be resolved.

      

  needs-triage

  This is a new issue that needs to be triaged to the appropriate team.

  labels


      Jan 10, 2025

    

  



    

    

      
    

    


      

          @microsoft-github-policy-service
microsoft-github-policy-service
bot



            added
      

  customer-reported


      

  needs-triage

  This is a new issue that needs to be triaged to the appropriate team.

    and removed
      

  needs-triage

  This is a new issue that needs to be triaged to the appropriate team.

  labels


      Jan 10, 2025

    

  



    

    

      
    

    


      

          @taylorbutcher
taylorbutcher




        changed the title
New-AzApiManagementSubscription doesn't seem to work when scoped to API

New-AzApiManagementSubscription doesn't work when scoped to API


      Jan 15, 2025

    

  








      

  
      



  

  @taylorbutcher





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
Hello, just checking in to see if anyone has been able to take a look at this yet?

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @isra-fel





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
  Member


      

  


  

    

  





      


        


  
    

      
          
Looks to me like a bug in the cmdlet's implementation. It should set "scope" property to what user inputed, but instead it used the name. I'll loop in onwer of this module

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
            

    

      
    

    


      

          @isra-fel
isra-fel




            added
      

  API Management


      

  Service Attention

  This issue is responsible by Azure service team.

  labels


      Jan 16, 2025

    

  



    

    

      
    

    


      

          @microsoft-github-policy-service
microsoft-github-policy-service
bot



          removed
  the 

  needs-triage

  This is a new issue that needs to be triaged to the appropriate team.
 label


      Jan 16, 2025

    

  








      

  
      



  

  @microsoft-github-policy-service

    
      Microsoft GitHub Policy Service
    




  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  


  

    

  





      


        


  
    

      
          
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @solankisamir, @mikebudzynski, @KedarJoshi, @yingru97.


      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    











      

  
    

      
        1 similar comment
      
    

  
    

  
      



  

  @microsoft-github-policy-service

    
      Microsoft GitHub Policy Service
    




  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  


  

    

  





      


        


  
    

      
          
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @solankisamir, @mikebudzynski, @KedarJoshi, @yingru97.


      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    














      

  
      



  

  @taylorbutcher





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
Thank you! @isra-fel @solankisamir @mikebudzynski @KedarJoshi @yingru97

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @taylorbutcher





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
Hello, just checking in to see if anyone has been able to take a look at this yet?

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    
















  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    API Management

  

    bug

  This issue requires a change to an existing behavior in the product in order to be resolved.
  

    customer-reported

  

    Service Attention

  This issue is responsible by Azure service team.








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




          
    
No branches or pull requests







    
  




      

    

  
      

  

    

      2 participants
    

    

        
          @isra-fel 
        
          @taylorbutcher