If you've used the Azure Logic App (Standard) extension for Visual Studio Code, you are probably well aware that it uses seven-day access tokens to authenticate with Azure API Connections. This is to make up for Visual Studio Code using your work account for authentication instead of a Managed Identity you can create an access policy for.
The down-side to this is that currently there is no way to reauthenticate these tokens from VS Code, you generally have to create a new connection.
However, there is an API you can use to manually generate new access tokens:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/connections/{connectionName}/listConnectionKeys?api-version=2018-07-01-preview
The Request Body should include the following JSON:
{"validityTimeSpan" : "7"}
If we plug this into a tool like Postman, it should generate a new token that you can use to replace the existing one in local.settings.json
Update local.settings.json:
Of course, this is still tedious to have to do but luckily it is something that can be easily scripted.
For example, here is how you could make this request via PowerShell:
$resourceID = "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/connections/{connectionName}"
$accessToken = (Get-AzAccessToken).Token
$header = @{
"authorization" = "Bearer $accessToken"
"Content-Type" = "application/json"
}
$body = @{"validityTimeSpan" = "7"}
$json = $body | ConvertTo-Json
$url = "https://management.azure.com$($resourceId)listConnectionKeys?api-version=2018-07-01-preview"
(Invoke-RestMethod -Uri $url -Method "Post" -Headers $header -Body $json).connectionKey
When scripting, you have a couple options on how to run all your existing connections through the API.
- You can get the Resource IDs from a connections.json file
- Use PowerShell or Azure CLI to fetch all API Connections in a Resource Group
Get-AzResource -ResourceGroupName {resourceGroupName} -ResourceType 'Microsoft.Web/connections'
Once you have a list of Resource IDs, you can iterate through them, putting each through the API.
Disclaimer: This API is currently undocumented. While it should not cause any harm, please do not use if you are not comfortable with it being undocumented.
Updated Feb 23, 2023
Version 1.0cmeadows
Microsoft
Joined February 10, 2023
Azure Integration Services Blog
Follow this blog board to get notified when there's new activity