We are using azure for publishing our application and we are having three different web apps for dev, stage and prod.
By referring the below link
https://azure.microsoft.com/en-us/documentation/articles/sendgrid-dotnet-how-to-send-email/
We configured the sendgrid account in azure and we are able to send email without any issue in all three environments dev, stag and prod.
Note: We are using same sendgrid account for dev, stage and prod.
Issue:
Now, for tracking and billing purpose we decided to use different sendgrid accounts for dev, stag and prod. i.e.,
Azure SendGrid account 1 - dev
Azure SendGrid account 2 - stag
Azure SendGrid account 3 - prod
But we don't know how to accomplish via azure portal and when we tried it's not allowing.
Please, suggest some steps or links to accomplish this so that we can plan out for release. Thanks in advance
SendGrid supports subusers, so you could have your parent account and two or three subusers depending on if you wanted to send via the parent account as well. You can read about subusers on the SendGrid docs. Let me know if you have any questions.
About halfway down in the article you provided a link for you'll see:
and
You could add more app settings such as:
SENDGRID_DEV_APIKEY, SENDGRID_STAGE_APIKEY, SENDGRID_PROD_APIKEY
Then in your code check what environment the code is running and use the appropriate app setting/api key.
var apiKey = "";
//GetCurrentEnvironment() is a method you would write that contains logic to determine what "environment" is being used.
if (GetCurrentEnvironment() == "dev") {
apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_DEV_APIKEY");
} else if (GetCurrentEnvironment() == "stage") {
apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_STAGE_APIKEY");
} else if (GetCurrentEnvironment() == "prod") {
apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_PROD_APIKEY");
}
var transportWeb = new Web(apiKey);
Related
I'm trying to create a release pipeline in DevOps, that releases packages to LCS. The normal Dynamics 365 FO way of working. The issue is, I don't have an admin account without MFA that can be used to do this. Which roles or general setup, should I set on the AAD user, to be able to create the release? Currently I'm getting the AADSTS7000218 error.
I created a user that doesn't have MFA and I expect to add certain roles to be able to use this user for creating releases in DevOps.
In Azure DevOps, to create release pipeline you need "Edit release pipeline" permission set to Allow. And you need to be at least a Basic user.
And as per the document, AADSTS7000218 means The request body must contain the following parameter: 'client_assertion' or 'client_secret'. When authenticating to Azure AD to get an access token, the client application is not providing its “password” (in the form of either a client secret or a client assertion) as expected by Azure AD’s token endpoint.
You could try navigating to Azure Active Directory->App Registration and find Authentication in your application. And set "Allow public client flows" to "Yes" in Azure portal.
Here's another ticket has the similar issue, hope it can help.
I'm having a error when try connect power automate with Azure DevOps. I have two ways to login, personal and business account.
I need to use the business account because it contains the automate license.
When I use my personal account, I can acess the projects.
But when i use my business account, the power automate show me a error.
In Azure Devops I'm using my business account and I'm in all projects and permissions.
I enabled auth in Azure Devops.
And my access level is basic
After a couple companies merge, we had to build up an AZ DevOps solution from scratch for the new business entity. Unfortunately, at that time we added some users from various companies under their original email addresses (reason: reuse of their VS subscriptions).
Now we need to migrate these users in Azure DevOps from their old bill.smith#oldcompany.com to their new bill.smith#newcompany.com without losing their work and settings. Afterwards the users should be able to log in with their new emails and see everything as if they would log in with their old addresses.
Any ideas how to solve this problem?
You need to open a support case and they can help you out. You get a excel file to map users between the domains and they can map them over in one go.
jessehouwing is right, if you want to migrate data to new Azure DevOps users, you need submit a support ticket here.
But there are something you need pay attention and get ready first:
Do not add them (bill.smith#newcompany.com) to Azure DevOps Service or let them logon to Azure DevOps Service. At this point
Azure DevOps Service support needs to migrate/transfer the users.
Provide a mapping list of users (old user > new user) to Azure DevOps
Service Support.
Azure DevOps Service will transfer identities to the new users. This should add the new account to Azure DevOps Service, assign work items to the new account, assign the Azure DevOps Service license to the new account , and remove the old account from Azure DevOps Service.
I've been working on this for several days now, and after reading many documentations on this I am absolutely out of ideas.
What I've done so far:
Created three web apps (DEV, UAT, PROD) and switched System Assigned to ON to create a Managed Identity. This also registered the web
applications into the Azure Active Directory.
Registered an application in Azure Active Directory that includes redirect URI to UAT, DEV, Prod, and local URL.
Created Key Vault under the same resource group as the web apps for DEV, UAT, PROD.
Included all four applications in the Access Policy of the Key vault with GET and LIST permissions.
App Service Authentication is set to OFF (app service -> Authentication/Authorization -> OFF). We're using another means of user authentication.
After this setup, the key vault is accessible on localhost but not on the deployed environment. The reason why I believe so is because it's not retrieving the connectionString from the key vault.
I've consumed all sorts of documentation on this including https://learn.microsoft.com/en-us/azure/key-vault/service-to-service-authentication.
Project is .Net Framework 4.7.2
In the code, I have which retrieves my secrets locally but not on deployed:
public static string GetSecret(string SecretName, string vaultURL)
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
return keyVaultClient.GetSecretAsync(vaultURL, SecretName).Result.Value;
}
Please let me know what it is that I'm missing that's preventing my web app from accessing the key vault.
Make sure that you have updated any information that is specifically related to the local application. For example, if it was working locally and is not working when published, it's possible that there's a reference in the code or in the portal to the localhost environment, and this needs to be updated to the published environment. Sometimes in the app registration people will leave in a reference to the localhost URL and not add the published web page URL both there and in the code.
Also, please share the error that you are receiving.
After some careful debugging, I found out that my issue was actually a relatively simple one. The Key vault granted my web app using the identities, but it was this particular call that had caused my issues: ConfigurationManager.ConnectionStrings[1].Name. The purpose was to get the name of the connectionStrings to feed into my DBContext. Turns out that this didn't return the value I had expected in the production. After some changes the code, the problem is solved!
We are trying to change the access level of users at the organization level say for example from stakeholder to basic in Azure DevOps Services programmatically - via REST API/Powershell/ARM. Could you please direct me to some documentation or any sources which can help us through.
You can do this via the Azure DevOps REST API via the User Entitlement Endpoint.
https://learn.microsoft.com/en-us/rest/api/azure/devops/memberentitlementmanagement/user%20entitlements/update%20user%20entitlement?view=azure-devops-rest-5.0