how to add resource group to azure subscription using multi-tenant app
I am seeking your help!
I created a customer tenant and added an azure subscription for that tenant, then I created a multi-tenant app and added its servicePrincipal to the Adminagents group,
when I used this servicePrincipal to create resource group under the customer's tenant using azure rest api I got this error:
'code': 'InvalidAuthenticationToken', 'message': 'The received access token is not valid: at least one of the claims 'puid' or 'altsecid' or 'oid' should be present. If you are accessing as application please make sure service principal is properly created in the tenant.' }
Did you include Azure Management in the API permissions of this app? You might need to go through the authorization code flow again with your user after adding this.
Maybe it would be good to review your approach more thoroughly, if you are Silver or Gold Partner you can open a an Advisory request via https://aka.ms/technicalservices or directly via https://aka.ms/tpdmsform to get 1:1 guidance on this.
Receive consultations via Technical Presales and Deployment Services team