Credential creation errors on Azure

The following section lists common issues related to creating a credential on Azure and steps to resolve them.

You don't have enough permissions to assign roles

Error: You don't have enough permissions to assign roles, please contact with your administrator

Solution: This error occurs in the Azure console because you are not authorized to perform role assignment. To solve the problem, ask your Azure administrator to perform the step of assigning the Contributor role to your application.

Client does not have authorization

Error: Failed to verify credential: Status code 403, {“error”:{“code”:”AuthorizationFailed”, “message”:”The client ‘X’ with object id ‘z’ does not have authorization to perform action ‘Microsoft.Storage/storageAccounts/read’ over scope ‘subscriptions/…’”}

Solution: If you get this error during interactive credential creation, this means that your Azure account does not have sufficient permissions to create a credential. To solve the problem, check if your Azure account has Microsoft.Authorization/*/Write permission; If it doesn't, contact your Azure administrator to either give your account that permission or create the necessary resources for the app-based credential creation method.

If you get this error during app-based credential creation, then the reason is that you did not assign the Contributor role to your app. To solve the issue, either assign the Contributor role to the app or - if you don't have Owner role - ask your Azure administrator to perform this step.

Application with identifier was not found in the directory

Error: The following error appears during the interactive credential creation flow:

Application with identifier was not found in the directory. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Solution: To fix the issue, wait for one minute and then refresh the page. Afterwards, you should see the application consent page:

Permissions requested page does not appear

Problem: The "Permissions requested" page does not appear during interactive credential flow.

Solution: Perform the following steps:

  1. In the Management Console, navigate to Environments > Shared Resources > Credentials.
  2. Search for the credential you just created and select it by checking the checkbox.
  3. Click .
  4. Click on Reauthenticate (ignore the AppID and Password fields).
  5. You’ll be redirected to Environments > Shared Resources > Credentials.