The request has both SAS authentication scheme and 'Bearer' authorization scheme. Only one scheme should be used

While doing testing after doing a POC on Securing Logic App with Azure Active Directory authentication, where I have put logic app behind APIM and before passing the request to logic app, apim does validation of the token.


 I was encountered with an error



"The request has both SAS authentication scheme and 'Bearer' authorization
 scheme. Only one scheme should be used."


Why it happened


After validating the token which is part of the header i.e. Authorization, APIM forwards the request as it is to backend. As  Logic app is configured as back end, it's url already consist of SAS signature plus the request also has Authorization section and this is the problem.

 By default every request endpoint on a logic app has a Shared Access Signature (SAS) in the endpoint's URL, which follows this format:

 https://<request-endpoint-URI>sp=<permissions>sv=<SAS-version>sig=<signature>

 As of now logic App only understands SAS authentication only, and there is no mechanism built yet for Authorization, thus it does not support any Authorization scheme.
Although the error says
Only one scheme should be used -- It will not work if I remove SAS part and add
only Bearer token(Any Authorization scheme)

What to do


As Logic App currently doesn't support Authorization Header, it needs to be removed before submitting request to Logic App. In my case, as I was using APIM, by using Set Header policy - the Authorization header was removed and all work fine then after.





Related Post 


ServerLess360


Comments

Post a Comment

Popular posts from this blog

Getting Started with Logic Apps - XML to EDI X12

Image
Continuing from last post where I explained the basics of EDI and EDI X12 standards , let’s  see how we can enable EDI communication with Logic Apps Logic Apps and EDI together Earlier it was BizTalk from Microsoft which has all capabilities around Enterprise Application Integration(EAI) and Electronic Data Interchange (EDI)(which is server product) but with the cloud shift where everything is desired as service, Microsoft provided Logic Apps to cater the integration needs for cloud users and it is continuously getting matured (most of BizTalk capabilities already added). Read more about  Logic App Fundamentals To enable the logic apps to be leveraged in Business to Business EDI communication Microsoft introduced Enterprise Integration Pack,  which adds B2B capabilities like AS2 and X12, EDI standards support , XML capabilities like XML Validation, XSLT Transformation, Flat file to XML encode/decode etc.(Available as actions in Logic app e.g., AS2 Decode, Encode t
Read more

Operation on target Copy data failed: Failure happened on 'Source' side

Image
A simple Pipeline created to fetch data by querying the Rest Api and dumping the data received in blob storage, failed with following error: Error Operation on target Copy data_From API failed: Failure happened on 'Source' side. ErrorCode=UserErrorHttpStatusCodeIndicatingFailure,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=The HttpStatusCode 400 indicates failure. {"errors":{"detail":"Internal server error"}},Source=Microsoft.DataTransfer.ClientLibrary,' Why it happened As the error says, something went wrong at source side however, I have tested the Rest API using postman and was able to get the response back with data. And I have reflected same in Source setting of Copy Data activity while creating the pipeline i.e. query, headers – content type and authorization etc Still getting the error, I rechecked again the keys,content type etc - no clue. Took hel
Read more