HMAC 授权 - REST API 参考HMAC authorization - REST API reference

使用 HMAC 身份验证时,操作分为两种类别:读取或写入。When HMAC authentication is used, operations fall in to one of two categories, read or write. 读写访问密钥授予调用所有操作的权限。Read-write access keys grant permission to call all operations. 只读访问密钥授予仅调用读取操作的权限。Read-only access keys grant permission to call only read operations. 访问密钥是只读访问密钥还是读写访问密钥取决于其 readOnly 属性。Whether an access key is read-only or read-write is determined by its readOnly property. 任何使用只读访问密钥发出写入请求的尝试都会导致请求未经授权。Any attempt to make a write request with a read-only access key will result in the request being unauthorized.

获取访问密钥Obtaining access keys

描述访问密钥的规范和用于获取这些密钥的 API 在此处的 Azure 应用配置资源提供程序规范中有详细说明。The specification describing access keys and the API used to obtain them is detailed in the Azure App Configuration resource provider spec here. 通过“ConfigurationStores_ListKeys”操作获取访问密钥。Access keys are obtained via the "ConfigurationStores_ListKeys" operation.


HTTP/1.1 403 Forbidden

原因: 用于验证请求的访问密钥没有提供执行请求的操作所需的权限。Reason: The access key used to authenticate the request does not provide the required permissions to perform the requested operation. 解决方案: 获取一个访问密钥(提供执行请求的操作所需的权限),并使用该密钥验证请求。Solution: Obtain an access key that provides permission to perform the requested operation and use it to authenticate the request.