SOLVED

Service Connection with user-assigned Managed Identity and Azure App Service failing to deploy

Brass Contributor

Hi guys

So i wanted to try to work with managed identities in Azure DevOps instead of the service principal on my service connection (Azure Resource Manager) to Azure.

However i am struggling to understand where i can specifiy the user assigned managed identity that i created on the Azure side for this purpose. 

Using this new service connection for my Deployment Pipeline i keep getting this message:

 

##[error]Error: Failed to fetch App Service 'my app Service' publishing credentials. Error: Could not fetch access token for Azure. Status code: 400, status message: Could not fetch access token for Managed Service Principal. Status code: 400, status message: Bad Request

 

 

Is this setup even supported? i gave this newly created managed identity owner permissions on the whole subscription....

 

Thanks for any help!

 

3 Replies

i have read this and many other articles many times - but it doesn't provide clarity to my question. (or i am too stupid to understand)
I have been trying to find a solution for 1 day without any luck. I read on some places that the managed identity has to be configured on the agent that runs the pipeline but what if the agents are hosted by microsoft?

best response confirmed by Lephas (Brass Contributor)
1 best response

Accepted Solutions
best response confirmed by Lephas (Brass Contributor)