Skip to content
This repository was archived by the owner on Jan 5, 2026. It is now read-only.

fix: [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope https://api.botframework.com is not valid' #4607

Merged
tracyboehrer merged 2 commits into from
Jan 24, 2024
Merged

fix: [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope https://api.botframework.com is not valid' #4607

tracyboehrer merged 2 commits into from
Jan 24, 2024

Conversation

@ceciliaavila
Copy link
Collaborator

@ceciliaavila ceciliaavila commented Jan 22, 2024

Fixes #4582

Description

This PR adds the /.default suffix to the scope for MSI authentication.

Specific Changes

  • Updated ManagedIdentityAuthenticator to add the suffix to the scope.

Testing

These images show the fix working with a bot deployed in AKS and another one deployed in an Azure App Service.
image

@ceciliaavila ceciliaavila requested a review from a team as a code owner January 22, 2024 15:25
@coveralls
Copy link

coveralls commented Jan 22, 2024
edited
Loading

Pull Request Test Coverage Report for Build 7613456265

  • 3 of 3 (100.0%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.003%) to 84.48%
Totals Coverage Status
Change from base Build 7587095843: 0.003%
Covered Lines: 20414
Relevant Lines: 22880
💛 - Coveralls

@tracyboehrer tracyboehrer merged commit 23c16dc into main Jan 24, 2024
@tracyboehrer tracyboehrer deleted the southworks/fix/msi-invalid-scope-error branch January 24, 2024 14:43
@ceciliaavila ceciliaavila mentioned this pull request Jan 24, 2024
Closed
tracyboehrer pushed a commit that referenced this pull request Jan 24, 2024
@ceciliaavila
fix: [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with '…
f09c538 
…scope https://api.botframework.com is not valid' (#4607)

* Add scope post-fix in managedIdentityAuthenticator.

* Fix unit test
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@tracyboehrer tracyboehrer tracyboehrer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope https://api.botframework.com is not valid'

4 participants

@ceciliaavila @coveralls @tracyboehrer