azure-cli
azure-cli copied to clipboard
Published
20 hours ago •
Azure
Azure
v2.50.0 az apim api update gives error: 'Cannot use OAuth2AuthenticationSettings in combination with OAuth2'
Describe the bug
Following update to azure cli version 2.50.0, our deployment script that imports an API to API Management Service and sets the OAuth2 authorization server ID now fails with the error:
Cannot use OAuth2AuthenticationSettings in combination with OAuth2
This has been working for a long time on previous versions of the CLI. We are running the script in Azure Pipeline Agents.
Related command
az apim api import
az apim api update
Errors
azure.core.exceptions.HttpResponseError: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Issue script & Debug output
First we import the API from its OpenAPI specifications:
az apim api import --resource-group REDACTED --service-name REDACTED --path "REDACTED" --api-id REDACTED --specification-format OpenApi --specification-url https://REDACTED.azurewebsites.net/api/openapi/v3.yaml --only-show-errors
OUTPUT:
{
"apiRevision": "1",
"apiRevisionDescription": null,
"apiType": null,
"apiVersion": null,
"apiVersionDescription": null,
"apiVersionSet": null,
"apiVersionSetId": null,
"authenticationSettings": {
"oAuth2": null,
"oAuth2AuthenticationSettings": [],
"openid": null,
"openidAuthenticationSettings": []
},
"contact": null,
"description": "REDACTED",
"displayName": "REDACTED",
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"isCurrent": true,
"isOnline": null,
"license": null,
"name": "REDACTED",
"path": "REDACTED",
"protocols": [
"https"
],
"resourceGroup": "REDACTED",
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"sourceApiId": null,
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"subscriptionRequired": false,
"termsOfServiceUrl": null,
"type": "Microsoft.ApiManagement/service/apis"
}
Then we update the "authenticationSettings.oAuth2.authorizationServerId" property to enable authentication on the API
az apim api update --resource-group REDACTED --service-name REDACTED --api-id REDACTED --set authenticationSettings.oAuth2.authorizationServerId=REDACTED --only-show-errors
OUTPUT:
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Full output with --debug:
C:\Users\REDACTED>az version
{
"azure-cli": "2.50.0",
"azure-cli-core": "2.50.0",
"azure-cli-telemetry": "1.0.8",
"extensions": {
"alias": "0.5.2",
"application-insights": "0.1.19",
"azure-devops": "0.26.0",
"logic": "0.1.7",
"virtual-wan": "0.2.17"
}
}
C:\Users\REDACTED>
C:\Users\REDACTED>az apim api import --resource-group REDACTED --service-name REDACTED --path "REDACTED" --api-id REDACTED --specification-format OpenApi --specification-url https://REDACTED.azurewebsites.net/api/openapi/v3.yaml --debug
cli.knack.cli: Command arguments: ['apim', 'api', 'import', '--resource-group', 'REDACTED', '--service-name', 'REDACTED', '--path', 'REDACTED', '--api-id', 'REDACTED', '--specification-format', 'OpenApi', '--specification-url', 'https://REDACTED.azurewebsites.net/api/openapi/v3.yaml', '--debug']
cli.knack.cli: __init__ debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x01F0A4F0>, <function OutputProducer.on_global_arguments at 0x0200C730>, <function CLIQuery.on_global_arguments at 0x02128388>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'apim': ['azure.cli.command_modules.apim']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: apim 0.008 14 68
cli.azure.cli.core: Total (1) 0.008 14 68
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 14 groups, 68 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : apim api import
cli.azure.cli.core: Command table: apim api import
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x042CD5C8>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\REDACTED\.azure\commands\2023-07-14.10-30-44.apim_api_import.17500.log'.
az_command_data_logger: command args: apim api import --resource-group {} --service-name {} --path {} --api-id {} --specification-format {} --specification-url {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x042F46E8>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x04302610>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x04302808>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x0200C778>, <function CLIQuery.handle_query_parameter at 0x021283D0>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x043027C0>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\\Users\\REDACTED\\.azure\\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\REDACTED\.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: f227c18f-4819-464a-a82e-492d3da560ed
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies: 'Content-Length': '153'
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'b97a2b7e-2220-11ee-b089-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api import'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --path --api-id --specification-format --specification-url --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"properties": {"path": "REDACTED", "value": "https://REDACTED.azurewebsites.net/api/openapi/v3.yaml", "format": "openapi-link"}}
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 202 0
cli.azure.cli.core.sdk.policies: Response status: 202
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'Location': 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-writes': '1196'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083044Z:c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:43 GMT'
cli.azure.cli.core.sdk.policies: 'Content-Length': '0'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies:
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'b97a2b7e-2220-11ee-b089-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api import'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --path --api-id --specification-format --specification-url --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200 HTTP/1.1" 200 None
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Content-Encoding': 'gzip'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'ETag': '"AAAABJr0+yI="'
cli.azure.cli.core.sdk.policies: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11829'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083045Z:a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:44 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"type": "Microsoft.ApiManagement/service/apis",
"name": "REDACTED",
"properties": {
"displayName": "REDACTED Api",
"apiRevision": "1",
"description": "REDACTED",
"subscriptionRequired": false,
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"path": "REDACTED",
"protocols": [
"https"
],
"authenticationSettings": {
"oAuth2": null,
"openid": null,
"oAuth2AuthenticationSettings": [],
"openidAuthenticationSettings": []
},
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"isCurrent": true
}
}
cli.knack.cli: Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x042F2E80>, <function _x509_from_base64_to_hex_transform at 0x042F2EC8>]
cli.knack.cli: Event: CommandInvoker.OnFilterResult []
{
"apiRevision": "1",
"apiRevisionDescription": null,
"apiType": null,
"apiVersion": null,
"apiVersionDescription": null,
"apiVersionSet": null,
"apiVersionSetId": null,
"authenticationSettings": {
"oAuth2": null,
"oAuth2AuthenticationSettings": [],
"openid": null,
"openidAuthenticationSettings": []
},
"contact": null,
"description": "REDACTED",
"displayName": "REDACTED Api",
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"isCurrent": true,
"isOnline": null,
"license": null,
"name": "REDACTED",
"path": "REDACTED",
"protocols": [
"https"
],
"resourceGroup": "REDACTED",
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"sourceApiId": null,
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"subscriptionRequired": false,
"termsOfServiceUrl": null,
"type": "Microsoft.ApiManagement/service/apis"
}
cli.knack.cli: Event: Cli.SuccessfulExecute []
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x042CD6E8>]
az_command_data_logger: exit code: 0
cli.__main__: Command ran in 2.341 seconds (init: 0.399, invoke: 1.943)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3447 in cache
telemetry.check: Negative: The C:\Users\REDACTED\.azure\telemetry.txt was modified at 2023-07-14 10:23:31.743124, which in less than 600.000000 s
C:\Users\REDACTED>
C:\Users\REDACTED>az apim api update --resource-group REDACTED --service-name REDACTED --api-id REDACTED --set authenticationSettings.oAuth2.authorizationServerId=REDACTED --debug
cli.knack.cli: Command arguments: ['apim', 'api', 'update', '--resource-group', 'REDACTED', '--service-name', 'REDACTED', '--api-id', 'REDACTED', '--set', 'authenticationSettings.oAuth2.authorizationServerId=REDACTED', '--debug']
cli.knack.cli: __init__ debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x023AA4A8>, <function OutputProducer.on_global_arguments at 0x025AD6E8>, <function CLIQuery.on_global_arguments at 0x025C8340>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'apim': ['azure.cli.command_modules.apim']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: apim 0.009 14 68
cli.azure.cli.core: Total (1) 0.009 14 68
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 14 groups, 68 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : apim api update
cli.azure.cli.core: Command table: apim api update
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0476D580>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\REDACTED\.azure\commands\2023-07-14.10-30-46.apim_api_update.5208.log'.
az_command_data_logger: command args: apim api update --resource-group {} --service-name {} --api-id {} --set {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x047946A0>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x047A25C8>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x047A27C0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x025AD730>, <function CLIQuery.handle_query_parameter at 0x025C8388>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x047A2778>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\\Users\\REDACTED\\.azure\\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\REDACTED\.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: a064b04c-4458-402f-9f94-c0b25d478d09
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'baf8b9b1-2220-11ee-a6dc-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --api-id --set --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 200 None
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Content-Encoding': 'gzip'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'ETag': '"AAAABJr0+yI="'
cli.azure.cli.core.sdk.policies: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11967'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083046Z:f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:46 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"type": "Microsoft.ApiManagement/service/apis",
"name": "REDACTED",
"properties": {
"displayName": "REDACTED Api",
"apiRevision": "1",
"description": "REDACTED",
"subscriptionRequired": false,
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"path": "REDACTED",
"protocols": [
"https"
],
"authenticationSettings": {
"oAuth2": null,
"openid": null,
"oAuth2AuthenticationSettings": [],
"openidAuthenticationSettings": []
},
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"isCurrent": true
}
}
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.util: malformed node or string on line 1: <ast.BinOp object at 0x05316F28>
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: 084f2ecb-a6bd-40e0-a856-af4eaa90bb8d
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies: 'Content-Length': '577'
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'baf8b9b1-2220-11ee-a6dc-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --api-id --set --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"properties": {"description": "REDACTED", "authenticationSettings": {"oAuth2": {"authorizationServerId": "REDACTED"}, "oAuth2AuthenticationSettings": [], "openidAuthenticationSettings": []}, "subscriptionKeyParameterNames": {"header": "Ocp-Apim-Subscription-Key", "query": "subscription-key"}, "apiRevision": "1", "isCurrent": true, "subscriptionRequired": false, "displayName": "REDACTED Api", "serviceUrl": "https://REDACTED.azurewebsites.net/api", "path": "REDACTED", "protocols": ["https"]}}
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 400 142
cli.azure.cli.core.sdk.policies: Response status: 400
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '142'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-writes': '1195'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083047Z:b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:46 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {"error":{"code":"ValidationError","message":"Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.","details":null}}
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 663, in execute
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 726, in _run_jobs_serially
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 697, in _run_job
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 333, in __call__
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 240, in handler
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 452, in cached_put
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 446, in _put_operation
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/apimanagement/operations/_api_operations.py", line 890, in begin_create_or_update
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/apimanagement/operations/_api_operations.py", line 727, in _create_or_update_initial
azure.core.exceptions.HttpResponseError: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0476D6A0>]
az_command_data_logger: exit code: 1
cli.__main__: Command ran in 1.542 seconds (init: 0.395, invoke: 1.147)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3625 in cache
telemetry.check: Negative: The C:\Users\REDACTED\.azure\telemetry.txt was modified at 2023-07-14 10:23:31.743124, which in less than 600.000000 s
Expected behavior
The API should be imported from the specification and OAuth2 should be enabled on the API.
Environment Summary
azure-cli 2.50.0
core 2.50.0
telemetry 1.0.8
Extensions:
alias 0.5.2
application-insights 0.1.19
azure-devops 0.26.0
logic 0.1.7
virtual-wan 0.2.17
Dependencies:
msal 1.22.0
azure-mgmt-resource 23.1.0b2
Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\REDACTED\.azure\cliextensions'
Python (Windows) 3.10.10 (tags/v3.10.10:aad5f6a, Feb 7 2023, 17:05:00) [MSC v.1929 32 bit (Intel)]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response
@Hekku2 Our hotfix for now is to replace the az apim api update command with the following:
az rest --method PATCH --uri https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-09-01-preview --body '{\"properties\":{\"authenticationSettings\":{\"oAuth2\":{\"authorizationServerId\":\"REDACTED\"}}}}'
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @adrianhall, @KedarJoshi.
Issue Details
Describe the bug
Following update to azure cli version 2.50.0, our deployment script that imports an API to API Management Service and sets the OAuth2 authorization server ID now fails with the error:
Cannot use OAuth2AuthenticationSettings in combination with OAuth2
This has been working for a long time on previous versions of the CLI. We are running the script in Azure Pipeline Agents.
Related command
az apim api import
az apim api update
Errors
azure.core.exceptions.HttpResponseError: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Issue script & Debug output
First we import the API from its OpenAPI specifications:
az apim api import --resource-group REDACTED --service-name REDACTED --path "reconciliation" --api-id REDACTED --specification-format OpenApi --specification-url https://REDACTED.azurewebsites.net/api/openapi/v3.yaml --only-show-errors
OUTPUT:
{
"apiRevision": "1",
"apiRevisionDescription": null,
"apiType": null,
"apiVersion": null,
"apiVersionDescription": null,
"apiVersionSet": null,
"apiVersionSetId": null,
"authenticationSettings": {
"oAuth2": null,
"oAuth2AuthenticationSettings": [],
"openid": null,
"openidAuthenticationSettings": []
},
"contact": null,
"description": "REDACTED",
"displayName": "REDACTED",
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"isCurrent": true,
"isOnline": null,
"license": null,
"name": "REDACTED",
"path": "REDACTED",
"protocols": [
"https"
],
"resourceGroup": "REDACTED",
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"sourceApiId": null,
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"subscriptionRequired": false,
"termsOfServiceUrl": null,
"type": "Microsoft.ApiManagement/service/apis"
}
Then we update the "authenticationSettings.oAuth2.authorizationServerId" property to enable authentication on the API
az apim api update --resource-group REDACTED --service-name REDACTED --api-id REDACTED --set authenticationSettings.oAuth2.authorizationServerId=REDACTED --only-show-errors
OUTPUT:
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Full output with --debug:
C:\Users\REDACTED>az version
{
"azure-cli": "2.50.0",
"azure-cli-core": "2.50.0",
"azure-cli-telemetry": "1.0.8",
"extensions": {
"alias": "0.5.2",
"application-insights": "0.1.19",
"azure-devops": "0.26.0",
"logic": "0.1.7",
"virtual-wan": "0.2.17"
}
}
C:\Users\REDACTED>
C:\Users\REDACTED>az apim api import --resource-group REDACTED --service-name REDACTED --path "REDACTED" --api-id REDACTED --specification-format OpenApi --specification-url https://REDACTED.azurewebsites.net/api/openapi/v3.yaml --debug
cli.knack.cli: Command arguments: ['apim', 'api', 'import', '--resource-group', 'REDACTED', '--service-name', 'REDACTED', '--path', 'REDACTED', '--api-id', 'REDACTED', '--specification-format', 'OpenApi', '--specification-url', 'https://REDACTED.azurewebsites.net/api/openapi/v3.yaml', '--debug']
cli.knack.cli: __init__ debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x01F0A4F0>, <function OutputProducer.on_global_arguments at 0x0200C730>, <function CLIQuery.on_global_arguments at 0x02128388>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'apim': ['azure.cli.command_modules.apim']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: apim 0.008 14 68
cli.azure.cli.core: Total (1) 0.008 14 68
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 14 groups, 68 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : apim api import
cli.azure.cli.core: Command table: apim api import
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x042CD5C8>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\REDACTED\.azure\commands\2023-07-14.10-30-44.apim_api_import.17500.log'.
az_command_data_logger: command args: apim api import --resource-group {} --service-name {} --path {} --api-id {} --specification-format {} --specification-url {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x042F46E8>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x04302610>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x04302808>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x0200C778>, <function CLIQuery.handle_query_parameter at 0x021283D0>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x043027C0>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\\Users\\REDACTED\\.azure\\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\REDACTED\.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: f227c18f-4819-464a-a82e-492d3da560ed
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies: 'Content-Length': '153'
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'b97a2b7e-2220-11ee-b089-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api import'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --path --api-id --specification-format --specification-url --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"properties": {"path": "REDACTED", "value": "https://REDACTED.azurewebsites.net/api/openapi/v3.yaml", "format": "openapi-link"}}
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 202 0
cli.azure.cli.core.sdk.policies: Response status: 202
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'Location': 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-writes': '1196'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083044Z:c910535b-9c1d-4278-a50d-949574626966'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:43 GMT'
cli.azure.cli.core.sdk.policies: 'Content-Length': '0'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies:
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'b97a2b7e-2220-11ee-b089-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api import'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --path --api-id --specification-format --specification-url --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01&asyncId=64b107b42cb41a283486d106&asyncCode=200 HTTP/1.1" 200 None
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Content-Encoding': 'gzip'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'ETag': '"AAAABJr0+yI="'
cli.azure.cli.core.sdk.policies: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11829'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083045Z:a63cc0e9-ed06-4f6c-88ed-302e0f73352c'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:44 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"type": "Microsoft.ApiManagement/service/apis",
"name": "REDACTED",
"properties": {
"displayName": "REDACTED Api",
"apiRevision": "1",
"description": "REDACTED",
"subscriptionRequired": false,
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"path": "REDACTED",
"protocols": [
"https"
],
"authenticationSettings": {
"oAuth2": null,
"openid": null,
"oAuth2AuthenticationSettings": [],
"openidAuthenticationSettings": []
},
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"isCurrent": true
}
}
cli.knack.cli: Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x042F2E80>, <function _x509_from_base64_to_hex_transform at 0x042F2EC8>]
cli.knack.cli: Event: CommandInvoker.OnFilterResult []
{
"apiRevision": "1",
"apiRevisionDescription": null,
"apiType": null,
"apiVersion": null,
"apiVersionDescription": null,
"apiVersionSet": null,
"apiVersionSetId": null,
"authenticationSettings": {
"oAuth2": null,
"oAuth2AuthenticationSettings": [],
"openid": null,
"openidAuthenticationSettings": []
},
"contact": null,
"description": "REDACTED",
"displayName": "REDACTED Api",
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"isCurrent": true,
"isOnline": null,
"license": null,
"name": "REDACTED",
"path": "REDACTED",
"protocols": [
"https"
],
"resourceGroup": "REDACTED",
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"sourceApiId": null,
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"subscriptionRequired": false,
"termsOfServiceUrl": null,
"type": "Microsoft.ApiManagement/service/apis"
}
cli.knack.cli: Event: Cli.SuccessfulExecute []
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x042CD6E8>]
az_command_data_logger: exit code: 0
cli.__main__: Command ran in 2.341 seconds (init: 0.399, invoke: 1.943)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3447 in cache
telemetry.check: Negative: The C:\Users\REDACTED\.azure\telemetry.txt was modified at 2023-07-14 10:23:31.743124, which in less than 600.000000 s
C:\Users\REDACTED>
C:\Users\REDACTED>az apim api update --resource-group REDACTED --service-name REDACTED --api-id REDACTED --set authenticationSettings.oAuth2.authorizationServerId=REDACTED --debug
cli.knack.cli: Command arguments: ['apim', 'api', 'update', '--resource-group', 'REDACTED', '--service-name', 'REDACTED', '--api-id', 'REDACTED', '--set', 'authenticationSettings.oAuth2.authorizationServerId=REDACTED', '--debug']
cli.knack.cli: __init__ debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x023AA4A8>, <function OutputProducer.on_global_arguments at 0x025AD6E8>, <function CLIQuery.on_global_arguments at 0x025C8340>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'apim': ['azure.cli.command_modules.apim']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: apim 0.009 14 68
cli.azure.cli.core: Total (1) 0.009 14 68
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 14 groups, 68 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : apim api update
cli.azure.cli.core: Command table: apim api update
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0476D580>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\REDACTED\.azure\commands\2023-07-14.10-30-46.apim_api_update.5208.log'.
az_command_data_logger: command args: apim api update --resource-group {} --service-name {} --api-id {} --set {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x047946A0>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x047A25C8>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x047A27C0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x025AD730>, <function CLIQuery.handle_query_parameter at 0x025C8388>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x047A2778>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\\Users\\REDACTED\\.azure\\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\REDACTED\.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: a064b04c-4458-402f-9f94-c0b25d478d09
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'baf8b9b1-2220-11ee-a6dc-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --api-id --set --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 200 None
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Content-Encoding': 'gzip'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'ETag': '"AAAABJr0+yI="'
cli.azure.cli.core.sdk.policies: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11967'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083046Z:f7794531-8696-4883-b2a8-4aa9aa1f9f3c'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:46 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED",
"type": "Microsoft.ApiManagement/service/apis",
"name": "REDACTED",
"properties": {
"displayName": "REDACTED Api",
"apiRevision": "1",
"description": "REDACTED",
"subscriptionRequired": false,
"serviceUrl": "https://REDACTED.azurewebsites.net/api",
"path": "REDACTED",
"protocols": [
"https"
],
"authenticationSettings": {
"oAuth2": null,
"openid": null,
"oAuth2AuthenticationSettings": [],
"openidAuthenticationSettings": []
},
"subscriptionKeyParameterNames": {
"header": "Ocp-Apim-Subscription-Key",
"query": "subscription-key"
},
"isCurrent": true
}
}
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ApiManagementClient
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/REDACTED/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/REDACTED/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/REDACTED/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/REDACTED/kerberos', 'tenant_region_scope': 'EU', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.util: malformed node or string on line 1: <ast.BinOp object at 0x05316F28>
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: 084f2ecb-a6bd-40e0-a856-af4eaa90bb8d
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies: 'Content-Length': '577'
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'baf8b9b1-2220-11ee-a6dc-f09e4a8b31ec'
cli.azure.cli.core.sdk.policies: 'CommandName': 'apim api update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--resource-group --service-name --api-id --set --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.50.0 (MSI) azsdk-python-mgmt-apimanagement/4.0.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"properties": {"description": "REDACTED", "authenticationSettings": {"oAuth2": {"authorizationServerId": "REDACTED"}, "oAuth2AuthenticationSettings": [], "openidAuthenticationSettings": []}, "subscriptionKeyParameterNames": {"header": "Ocp-Apim-Subscription-Key", "query": "subscription-key"}, "apiRevision": "1", "isCurrent": true, "subscriptionRequired": false, "displayName": "REDACTED Api", "serviceUrl": "https://REDACTED.azurewebsites.net/api", "path": "REDACTED", "protocols": ["https"]}}
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.ApiManagement/service/REDACTED/apis/REDACTED?api-version=2022-08-01 HTTP/1.1" 400 142
cli.azure.cli.core.sdk.policies: Response status: 400
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '142'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-writes': '1195'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': 'b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'SWEDENSOUTH:20230714T083047Z:b641c111-bb80-4e00-9558-3972fc8ed04d'
cli.azure.cli.core.sdk.policies: 'Date': 'Fri, 14 Jul 2023 08:30:46 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {"error":{"code":"ValidationError","message":"Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.","details":null}}
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 663, in execute
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 726, in _run_jobs_serially
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 697, in _run_job
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 333, in __call__
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 240, in handler
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 452, in cached_put
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 446, in _put_operation
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/apimanagement/operations/_api_operations.py", line 890, in begin_create_or_update
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/apimanagement/operations/_api_operations.py", line 727, in _create_or_update_initial
azure.core.exceptions.HttpResponseError: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.azure.cli.core.azclierror: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
az_command_data_logger: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
Code: ValidationError
Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid.
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0476D6A0>]
az_command_data_logger: exit code: 1
cli.__main__: Command ran in 1.542 seconds (init: 0.395, invoke: 1.147)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3625 in cache
telemetry.check: Negative: The C:\Users\REDACTED\.azure\telemetry.txt was modified at 2023-07-14 10:23:31.743124, which in less than 600.000000 s
Expected behavior
The API should be imported from the specification and OAuth2 should be enabled on the API.
Environment Summary
azure-cli 2.50.0
core 2.50.0
telemetry 1.0.8
Extensions:
alias 0.5.2
application-insights 0.1.19
azure-devops 0.26.0
logic 0.1.7
virtual-wan 0.2.17
Dependencies:
msal 1.22.0
azure-mgmt-resource 23.1.0b2
Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\REDACTED\.azure\cliextensions'
Python (Windows) 3.10.10 (tags/v3.10.10:aad5f6a, Feb 7 2023, 17:05:00) [MSC v.1929 32 bit (Intel)]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response
| Author: | Strandfelt |
|---|---|
| Assignees: | - |
| Labels: |
|
| Milestone: | - |
Looks like the issue is with the way control plane validates the OAuth2AuthenticationSettings contract. PG is aware of the issue and working on it now. Thanks for your patience.
Also getting this error when we run az apim api revision create
e.g.
az apim api revision create --api-id $ApiMgmtApiID `
--api-revision $NewRevision `
--resource-group $ResourceGroup `
--service-name $ApiMgmtName `
--api-revision-description "DeployID: $Build.BuildNumber"
ERROR: (ValidationError) One or more fields contain incorrect values: Code: ValidationError Message: One or more fields contain incorrect values: Exception Details: (ValidationError) Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid. Code: ValidationError Message: Cannot use OAuth2AuthenticationSettings in combination with OAuth2 nor openid. Target: oAuth2AuthenticationSettings (ValidationError) Cannot use OpenidAuthenticationSettings in combination with Openid nor OAuth2. Code: ValidationError Message: Cannot use OpenidAuthenticationSettings in combination with Openid nor OAuth2. Target: openidAuthenticationSettings
az version
{
"azure-cli": "2.53.0",
"azure-cli-core": "2.53.0",
"azure-cli-telemetry": "1.1.0",
"extensions": {
"azure-devops": "0.26.0",
"interactive": "0.5.3",
"logic": "0.1.7",
"portal": "0.1.3",
"resource-graph": "2.1.0",
"storage-preview": "1.0.0b1"
}
}
we are also facing the same issue when using REST API to import an API to APIM Workspace
I am still experiencing this issue with az apim api update command @yingru97
Any update on this issue? I am getting the same error when I try to create revision az apim api revision create
