If you’re working with Azure Web Apps and securing calls between services with managed identity, formerly known as Managed Service Identity (MSI), it can be useful to retrieve an access token on behalf of an application. We can accomplish this via PowerShell.
Credit
This is adapted from https://techcommunity.microsoft.com/t5/azure-developer-community-blog/understanding-azure-msi-managed-service-identity-tokens-caching/ba-p/337406 authored by Stephane Eyskens (@stephaneeyskens), big thanks for sharing this!
Code
Update the resource URL from https://example.org/ to your resource below and paste this into a PowerShell prompt:
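# Suppress the Invoke-WebRequest progress bar
$ProgressPreference = "SilentlyContinue"
# App Service exposes the local token endpoint and its secret as environment variables
$secret = (Get-Item env:MSI_SECRET).Value
$endpoint = (Get-Item env:MSI_ENDPOINT).Value
$headers = @{ Secret = "$($secret)" }
$req = Invoke-WebRequest -UseBasicParsing -Uri "$($endpoint)?api-version=2017-09-01&resource=https://example.org/" -Headers $headers | ConvertFrom-Json
# Show the full response object, then only the bearer token
$req
$req.access_token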
You can access a PowerShell prompt via https://your-app-name.scm.azurewebsites.net/DebugConsole/?shell=powershell (replace your-app-name).
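When debugging service-to-service calls, the usual next step is to confirm the token was issued for the resource you intended. The following is an added example, not part of the original post or the Microsoft article: it decodes the token payload (without verifying the signature) and checks the aud and exp claims. The function names are hypothetical and the sample token is constructed so the block runs offline.

```powershell
# Added example: decode (not verify) the claims of a JWT access token.
function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    # base64url -> base64: swap the URL-safe characters and restore padding
    $b64 = $Value.Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        1 { throw 'Invalid base64url length' }
        2 { $b64 += '==' }
        3 { $b64 += '=' }
    }
    [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($b64))
}

function Get-JwtClaims {
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Not a compact JWT (expected header.payload.signature)' }
    ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
}

function Test-TokenAudience {
    param([Parameter(Mandatory)][string]$Token,
          [Parameter(Mandatory)][string]$ExpectedAudience)
    $claims  = Get-JwtClaims $Token
    $expires = [DateTimeOffset]::FromUnixTimeSeconds([long]$claims.exp)
    [pscustomobject]@{
        Audience        = $claims.aud
        # -ceq: exact, case-sensitive match; a missing trailing slash is a mismatch
        AudienceMatches = ($claims.aud -ceq $ExpectedAudience)
        AppId           = $claims.appid   # client ID of the managed identity
        ObjectId        = $claims.oid     # service principal object ID
        ExpiresUtc      = $expires.UtcDateTime
        Expired         = ($expires -lt [DateTimeOffset]::UtcNow)
    }
}

# Constructed sample token (placeholder GUIDs, dummy signature) for an offline run
$toB64Url = { param($s) [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($s)).TrimEnd('=').Replace('+', '-').Replace('/', '_') }
$header  = & $toB64Url '{"typ":"JWT","alg":"RS256"}'
$payload = & $toB64Url '{"aud":"https://example.org/","appid":"00000000-0000-0000-0000-000000000001","oid":"00000000-0000-0000-0000-000000000002","exp":4102444800}'
$sample  = "$header.$payload.c2lnbmF0dXJl"

Test-TokenAudience -Token $sample -ExpectedAudience 'https://example.org/'
# With a live token from the snippet above:
# Test-TokenAudience -Token $req.access_token -ExpectedAudience 'https://example.org/'
```

Decoding the payload this way is for inspection only; the receiving service is what validates the signature and issuer.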