ServiceBusExplorer icon indicating copy to clipboard operation
ServiceBusExplorer copied to clipboard
verified publisher icon paolosalvatori

Cannot uses connection strings with SharedAccessSignature

Open LuKePicci opened this issue 7 months ago • 3 comments

This format of connection string is getting refused as invalid (those ... are urlencoded values):

Endpoint=sb://<your-namespace>.servicebus.windows.net/;SharedAccessSignature=SharedAccessSignature sr=...&sig=...&se=...&skn=...

LuKePicci avatar May 22 '25 09:05 LuKePicci

@LuKePicci, the connection string requires not a SAS token, but the key. The key is used to create the token, which you're trying to use in your example.

Connection string example:

Endpoint=sb://<your-namespace>.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=<redacted>

Note that the RootManageSharedAccessKey key is required as the tool has to perform management operations.

SeanFeldman avatar May 22 '25 14:05 SeanFeldman

I know about the KeyName/Key combo but I was trying to test a connection string we currently use in production which has the format I described.

I didn't know the tool only works with root management connection strings, mine is signed by a different policy on a topic and it only has receiver access.

LuKePicci avatar May 22 '25 15:05 LuKePicci

I didn't know the tool only works with root management connection strings, mine is signed by a different policy on a topic and it only has receiver access.

Yeah, that won't work. And using a policy that is not root or doesn't have manage permission won't work. Hopefully, this clarifies it and answers your question.

SeanFeldman avatar May 22 '25 16:05 SeanFeldman