tedious icon indicating copy to clipboard operation
tedious copied to clipboard
verified publisher icon tediousjs

Unable to connect to Azure SQL using azure directory password authentication.

Open sunnyverma88 opened this issue 2 years ago • 2 comments

The app is using the latest version of tedious 16.4.0, trying to connect to Azure SQL, and getting the below error. Any recommendations on resolving this issue? Error Message: Security Token could not be authenticated or authorized. CODE EFEDAUTH

sunnyverma88 avatar Jul 24 '23 21:07 sunnyverma88

Hi @sunnyverma88, can you share with us your connection configuration as a start?

MichaelSun90 avatar Jul 25 '23 18:07 MichaelSun90

Hi @sunnyverma88, just want to double check with you, did you guys remove the content for scopes and gettokenoptions from the error log that shared me this morning via teams chat or they are never there? If you do get a valid gettokenoptions object returned in the error, there should be a 'authority' entity within it, and it reviews the auth-endpoint. The content of it should be constructed as authorityHostUrl/tenantId. You can verify whether the correct tenantId is used here.

AggregateError at C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2679:31 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) { [errors]: [ ConnectionError: Security token could not be authenticated or authorized. at C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2679:62 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) { code: 'EFEDAUTH', isTransient: undefined }, AuthenticationRequiredError: invalid_request: 9001023 - [2023-07-26 16:48:54Z]: AADSTS9001023: The grant type is not supported over the /common or /consumers endpoints. Please use the /organizations or tenant-specific endpoint. Trace ID: 2580b7aa-9cdb-4d55-9f96-f69e984c2b00 Correlation ID: 06a6c8f2-f062-418d-8fdd-d17bd2ce3cec Timestamp: 2023-07-26 16:48:54Z - Correlation ID: 06a6c8f2-f062-418d-8fdd-d17bd2ce3cec - Trace ID: 2580b7aa-9cdb-4d55-9f96-f69e984c2b00 at MsalUsernamePassword.handleError (C:\dev\training\sql-node-test\node_modules\@azure\identity\dist\index.js:715:16) at MsalUsernamePassword.doGetToken (C:\dev\training\sql-node-test\node_modules\@azure\identity\dist\index.js:2030:24) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async Object.withSpan (C:\dev\training\sql-node-test\node_modules\@azure\core-tracing\dist\index.js:140:28) at async C:\dev\training\sql-node-test\node_modules\tedious\lib\connection.js:2677:29 { scopes: [Array], getTokenOptions: [Object] } ] }

MichaelSun90 avatar Jul 26 '23 22:07 MichaelSun90