我正在使用Node js在Azure AD中进行身份验证以创建Data Lake存储帐户,但它会登录但是为了创建帐户,它会出现错误:code:' InvalidAuthenticationTokenTenant', 消息:'访问令牌来自错误的发行者\ {39; https://sts.windows.n 等\&#39 ;.它必须与租户匹配\ {39; https://sts.windows.net/ \'与这个潜艇相关联 cription
var msRestAzure = require('ms-rest-azure');
var adlsManagement = require("azure-arm-datalake-store");
msRestAzure.interactiveLogin(function(err, credentials) {
var accountName = 'testadlsacct';
var pathToEnumerate = '/myfolder';
var acccountClient = new adlsManagement.DataLakeStoreAccountClient(credentials, 'dxxxxxxx-dxxx-4xxx-bxxx-5xxxxxxxxx');
var filesystemClient = new adlsManagement.DataLakeStoreFileSystemClient(credentials);
var util = require('util');
var resourceGroupName = 'testrg';
var accountName = 'testadlsacct';
var location = 'eastus2';
var accountToCreate = {
tags: {
testtag1: 'testvalue1',
testtag2: 'testvalue2'
},
name: accountName,
location: location
};
var client= new adlsManagement.DataLakeStoreAccountClient(credentials, 'dxxxxxxxx-xxx-xxxx--xxxxxx');
client.account.create(resourceGroupName, accountName, accountToCreate, function (err, result, request, response)
//other code here
});
答案 0 :(得分:2)
看一下how ms-rest-azure's msRestAzure.interactiveLogin function is written,如果您是多个Azure Active Directory(租户)的成员,则可以传递“域”或租户参数。< / p>
您应该传入与订阅相关的租户。这应该在您获得的完整,当前错误消息中提供给您。租户可能看起来像“contoso.com”,“contoso.onmicrosoft.com”,或者它可能是一个GUID。
通过明确提及应使用哪个目录来消除您的身份验证调用的歧义。
我希望这有帮助!