cURL
curl --request POST \
--url https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId} \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "",
"accessTokenTrustedIps": [
{
"ipAddress": "0.0.0.0/0"
},
{
"ipAddress": "::/0"
}
],
"accessTokenTTL": 2592000,
"accessTokenMaxTTL": 2592000,
"accessTokenNumUsesLimit": 0
}
'import requests
url = "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}"
payload = {
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "",
"accessTokenTrustedIps": [{ "ipAddress": "0.0.0.0/0" }, { "ipAddress": "::/0" }],
"accessTokenTTL": 2592000,
"accessTokenMaxTTL": 2592000,
"accessTokenNumUsesLimit": 0
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
tenantId: '<string>',
resource: '<string>',
allowedServicePrincipalIds: '',
accessTokenTrustedIps: [{ipAddress: '0.0.0.0/0'}, {ipAddress: '::/0'}],
accessTokenTTL: 2592000,
accessTokenMaxTTL: 2592000,
accessTokenNumUsesLimit: 0
})
};
fetch('https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'tenantId' => '<string>',
'resource' => '<string>',
'allowedServicePrincipalIds' => '',
'accessTokenTrustedIps' => [
[
'ipAddress' => '0.0.0.0/0'
],
[
'ipAddress' => '::/0'
]
],
'accessTokenTTL' => 2592000,
'accessTokenMaxTTL' => 2592000,
'accessTokenNumUsesLimit' => 0
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}"
payload := strings.NewReader("{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}"
response = http.request(request)
puts response.read_body{
"identityAzureAuth": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "<string>",
"accessTokenTTL": 7200,
"accessTokenMaxTTL": 7200,
"accessTokenNumUsesLimit": 0,
"accessTokenTrustedIps": "<unknown>",
"accessTokenPeriod": 0
}
}{
"reqId": "<string>",
"statusCode": 400,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 401,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 403,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 404,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 422,
"error": "<string>",
"message": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 500,
"message": "<string>",
"error": "<string>"
}Azure Auth
Attach
Attach Azure Auth configuration onto machine identity
POST
/
api
/
v1
/
auth
/
azure-auth
/
identities
/
{identityId}
cURL
curl --request POST \
--url https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId} \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "",
"accessTokenTrustedIps": [
{
"ipAddress": "0.0.0.0/0"
},
{
"ipAddress": "::/0"
}
],
"accessTokenTTL": 2592000,
"accessTokenMaxTTL": 2592000,
"accessTokenNumUsesLimit": 0
}
'import requests
url = "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}"
payload = {
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "",
"accessTokenTrustedIps": [{ "ipAddress": "0.0.0.0/0" }, { "ipAddress": "::/0" }],
"accessTokenTTL": 2592000,
"accessTokenMaxTTL": 2592000,
"accessTokenNumUsesLimit": 0
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
tenantId: '<string>',
resource: '<string>',
allowedServicePrincipalIds: '',
accessTokenTrustedIps: [{ipAddress: '0.0.0.0/0'}, {ipAddress: '::/0'}],
accessTokenTTL: 2592000,
accessTokenMaxTTL: 2592000,
accessTokenNumUsesLimit: 0
})
};
fetch('https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'tenantId' => '<string>',
'resource' => '<string>',
'allowedServicePrincipalIds' => '',
'accessTokenTrustedIps' => [
[
'ipAddress' => '0.0.0.0/0'
],
[
'ipAddress' => '::/0'
]
],
'accessTokenTTL' => 2592000,
'accessTokenMaxTTL' => 2592000,
'accessTokenNumUsesLimit' => 0
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}"
payload := strings.NewReader("{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"tenantId\": \"<string>\",\n \"resource\": \"<string>\",\n \"allowedServicePrincipalIds\": \"\",\n \"accessTokenTrustedIps\": [\n {\n \"ipAddress\": \"0.0.0.0/0\"\n },\n {\n \"ipAddress\": \"::/0\"\n }\n ],\n \"accessTokenTTL\": 2592000,\n \"accessTokenMaxTTL\": 2592000,\n \"accessTokenNumUsesLimit\": 0\n}"
response = http.request(request)
puts response.read_body{
"identityAzureAuth": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"tenantId": "<string>",
"resource": "<string>",
"allowedServicePrincipalIds": "<string>",
"accessTokenTTL": 7200,
"accessTokenMaxTTL": 7200,
"accessTokenNumUsesLimit": 0,
"accessTokenTrustedIps": "<unknown>",
"accessTokenPeriod": 0
}
}{
"reqId": "<string>",
"statusCode": 400,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 401,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 403,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 404,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 422,
"error": "<string>",
"message": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 500,
"message": "<string>",
"error": "<string>"
}Authorizations
An access token in Infisical
Path Parameters
The ID of the machine identity to login.
Body
application/json
The tenant ID for the Azure AD organization.
The resource URL for the application registered in Azure AD.
The comma-separated list of Azure AD service principal IDs that are allowed to authenticate with Infisical.
The IPs or CIDR ranges that access tokens can be used from.
Minimum array length:
1Show child attributes
Show child attributes
The lifetime for an access token in seconds.
Required range:
0 <= x <= 315360000The maximum lifetime for an access token in seconds.
Required range:
0 <= x <= 315360000The maximum number of times that an access token can be used.
Required range:
x >= 0Response
Default Response
Show child attributes
Show child attributes
Was this page helpful?
⌘I