Creating azure ad token for Marketplace authentication RRS feed

  • Question

  • Hi,

    I have created an application on Partner.microsoft.com

    and I am following this Link: https://docs.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-fulfillment-api-v2#api-reference for communicating with azure.

    Under resolve a token, I need a beare token which I am creating following the link: https://docs.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-registration#get-a-token-based-on-the-azure-ad-app

    But what should I pass in resource for calling the marketplace API's?

    This is the body if the request I am sending on https://login.microsoftonline.com/b229b2bb-5f33-4d22-bce0-730f6474e906/oauth2/token


    If I don't pass anything in resource field and use the received token, I am getting an 403 response when calling the resolve api's.

    What's the correct value to be passed for getting a token which can be used for resolving a token which can be used for resolving a marketplace token?

    Monday, September 2, 2019 9:35 AM


All replies

  • The resource value is captured as part of the documentation at https://docs.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-registration#get-a-token-based-on-the-azure-ad-app 

    Can you set the resource id to ‘62d94f6c-d599-489b-a797-3e10e42fbe22’, and try if it resolves your API calls.

    Thursday, September 5, 2019 7:31 AM
  • I have already tried that.

    We get a 403 response if we use the bearer token generated using that resource.

    For resolve we are making this call: 

    curl -X GET \
      'https://marketplaceapi.microsoft.com/api/saas/subscriptions/resolve?api-version=2018-08-31' \
      -H 'Accept: */*' \
      -H 'Accept-Encoding: gzip, deflate' \
      -H 'Authorization: Bearer token' \
      -H 'Cache-Control: no-cache' \
      -H 'Connection: keep-alive' \
      -H 'Content-Type: application/json' \
      -H 'Host: marketplaceapi.microsoft.com' \
      -H 'Postman-Token: 776aaf17-a803-426d-9c32-d6b9c5a6051b,8e42432c-3749-40f1-b133-b567eab9eaa0' \
      -H 'User-Agent: PostmanRuntime/7.16.3' \
      -H 'cache-control: no-cache'

    Saturday, September 7, 2019 2:08 AM
  • The x-ms-requestid was dfe9ee9e-45bc-49c0-9fc1-edcb48686ff6
    and the
    x-ms-marketplace-token we used in request was zKAAEUfm+lw7+bsUxCyIgSjRejY5NN2cAY+g4q/N1ppwFiU7GX6y/H0nyjUYZFPQt84FZEv9Gq1G/ptx7ip7JsZPvUOlE7QitoumrYeQW9N3MKxcYCjNBw0G6b5tTk5jBQhjXKey38oDHep9BCFkXd8unyghxD0sNqYc/JGkfpalw6JxijlRWt/cM5ks93Rw

    Can you please let us know what we are doing wrong?

    Saturday, September 7, 2019 3:06 AM
  • Resolve is a  POST operation and not a GET - https://docs.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-fulfillment-api-v2#posthttpsmarketplaceapimicrosoftcomapisaassubscriptionsresolveapi-versionapiversion 

    Also to confirm, the authorization token is being passed as “Bearer <actual token>” right?

    Monday, September 16, 2019 10:02 AM
  • I am facing the exact same problem,i am not able to get my head around,if it's a POST Or GET it doesn't make a difference,i am getting a 403 On resolve subscription. There is no clarity on what needs to go in the Resource field.
    Monday, November 4, 2019 5:50 AM
  • I was able to get a response with the following settings (I'm using Postman application  for sending requests ) : POST  request ,   x-www-form-urlencoded and the body having the following params : grant_type = client_credentials ; client_secret = 123 ; client_id = 789. The response was a proper JSON with access_token inside it.

    Monday, November 4, 2019 9:04 PM
  • Mine issue was solved by using the resource as 62d94f6c-d599-489b-a797-3e10e42fbe22.
    Wednesday, November 6, 2019 6:28 AM
  • @mvcaraiman Thanks for sharing your experience.

    @LearningSpree Thanks for confirming the resolution.

    Wednesday, November 6, 2019 10:50 AM