I am creating a program to drop CDN cache. And so I did as documentation said I still get this:
{ "error": { "code": "AuthenticationFailedInvalidHeader", "message": "Authentication failed. The 'Authorization' header is provided in an invalid format." } }
So it basically says that the Authentication token itself is malformatted (not wrong or expired). Even though I did as documentation suggested.
My Request-Response flow looks like this (I obfuscated real data):
REQUEST
POST /subscriptions/29bdq1a7-348b-48fe-b9e6-b90c432892ff/resourceGroups/cdn-4/providers/Microsoft.Cdn/Profiles/CDN-3-Premium/endpoints/custom-endpoint.azureedge.net/purge?api-version=2015-06-01 HTTP/1.1
Content-Length: 90
User-Agent: GuzzleHttp/6.1.1 curl/7.35.0 PHP/7.0.2-2+deb.sury.org~trusty+1
Host: management.azure.com
Authorization: SharedAccessSignature uid=56c6d48a66904d02ce030003&ex=2017-02-19T11:41:00.0000000Z&sn=9wBsmFuP1ps01rt8nVlvsiAIdJMOqNsmGaiXUlfT35RxOvWAjHHcSIQdJA8v9wGvX4bJgX5fu1QyqVG6y9iQ6Q==
Content-Type: application/json
{
"ContentPaths": [
"/uploads/static/ads_en.json",
"/pic2.jpg"
]
}
RESPONSE
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
WWW-Authenticate: Bearer authorization_uri="https://login.windows.net/c87x6f33-af21-4461-a5b1-29647d8e9281", error="invalid_token", error_description="The authentication scheme of SharedAccessSignature is not supported."
x-ms-failure-cause: gateway
x-ms-request-id: 3514027b-e731-411c-b8es-cdf77d636284
x-ms-correlation-request-id: 3514137b-e731-411c-b8ee-cdf77d636284
x-ms-routing-request-id: WESTEUROPE:20160219T110919Z:3514037b-e731-411c-b7ee-cdf77d636184
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 19 Feb 2016 11:09:19 GMT
Connection: close
Content-Length: 150
{"error":{"code":"AuthenticationFailedInvalidHeader","message":"Authentication failed. The 'Authorization' header is provided in an invalid format."}}\
Can you suggest the way to solve it?
Part of the confusion I think is that there are two distinct Azure Management APIs (and nothing to do with Azure API Management).
There is the "Service Management" APIs and the Azure Resource Manager APIs (ARM).
The base URL you are using is for the ARM APIs and they don't use Shared Access Signatures. The best article around on calling the ARM APIs directly is here, http://blog.davidebbo.com/2015/12/calling-arm-using-plain-rest.html