Renew credentials after expired Azure refresh token
If your multi-cloud platform logs contain a message such as the following, you may need to renew your pricing credentials because of an expired Azure refresh token.
Caused by: feign.FeignException$BadRequest: [400 Bad Request]
during [POST] to [https://login.microsoftonline.com/subscription/oauth2/token]
[AuthenticationAPI#authorize(String,String)]:
[{"error":"invalid_grant","error_description":"AADSTS700082: The refresh token has expired due to inactivity.
The token was issued on 2020-10-26T08:38:45.8118091Z and was inactive for 90.00:00:00.\r\nT... (569 bytes)]
To renew your Azure credentials:
Log in to the Azure portal
Go to Azure Active Directory → Authentication → App registrations
Find the app for which you generated the credentials
Go to Redirect URIs
Find the Redirect URI that is used to grant consent for the use of the credentials
Go to this consent URI and log in
Get the new access token and the new refresh token
Add these to the Abiquo multi-cloud platform as part of your pricing credentials in the format
csp#tenantId#applicationId#accessToken#refreshToken
Also, in versions prior to Abiquo 5.2, add them to the
csp.yml
file in the billing dashboard configuration. For more details, see Display Azure billing data .
The platform will now be able to retrieve your cloud provider's pricing and billing data again for use in pricing and for display on the Hybrid billing dashboard.
Abiquo 5.2 introduced a new monthly task that updates the refresh token automatically. You can control the frequency of the task using abiquo.pricing.credentials.check.delayInHrs
as an Abiquo Configuration property.
Copyright © 2006-2024, Abiquo Holdings SL. All rights reserved