If you do not have an Azure AD tenant yet, see Set up an Azure Active Directory tenant. Before you register your client with Azure AD, consider the following prerequisites: Your client application must make its identity configuration known to Azure AD before run-time by registering it in an Azure AD tenant. If you are using a REST API that does not use integrated Azure AD authentication, or you've already registered your client, skip to the Create the request section. The token's claims also provide information to the service, allowing it to validate the client and perform any required authorization. The token is then sent to the Azure service in the HTTP Authorization header of subsequent REST API requests. Authentication is coordinated between the various actors by Azure AD, and provides your client with an access token as proof of the authentication.
Most Azure services (such as Azure Resource Manager providers and the classic deployment model) require your client code to authenticate with valid credentials before you can call the service's API. Register your client application with Azure AD In this example, a response header of Content-Type: application/json is also included.
For example, when you request an access token from Azure AD, it is returned in the response body as the access_token element, one of several name/value paired objects in a data collection. Typically, these objects are returned in a structured format such as JSON or XML, as indicated by the Content-type response header. MIME-encoded response objects are returned in the HTTP response body, such as a response from a GET method that is returning data.Optional HTTP response message body fields: Optional additional header fields, as required to support the request's response, such as a Content-type response header.
Alternatively, a service-defined status code may be returned, as indicated in the API documentation. An HTTP status code, ranging from 2xx success codes to 4xx or 5xx error codes.Some services require you to use a specific MIME type, such as application/json. For POST or PUT operations, the MIME-encoding type for the body should be specified in the Content-type request header as well. For example, POST operations contain MIME-encoded objects that are passed as complex parameters. Optional HTTP request message body fields, to support the URI and HTTP operation. For example, an Authorization header that provides a bearer token containing client authorization information for the request. Optional additional header fields, as required by the specified URI and HTTP method.
Azure REST APIs support GET, HEAD, PUT, POST, and PATCH methods.
The process described in the following blog entry is similar to the one used for Postman, but shows how to call an Azure REST API using curl.You might consider using curl in unattended scripts, for example in DevOps automation scenarios.Ĭalling Azure REST API via curl Components of a REST API request/responseĪ REST API request/response pair can be separated into five components:
You can read the full walk-through on Jon Gallant's blog here: Azure REST APIs with Postman How to call Azure REST APIs with curl