I’m having trouble setting up our Azure account in Octopus. I’ve tried running through the tutorial here https://octopus.com/docs/infrastructure/azure/creating-an-azure-account/creating-an-azure-service-principal-account to setup the Service Principle (both the Powershell and portal methods) and everything goes well. However, when I put all of the credentials into Octopus and press Save and Test I get an error stating: “Failed: Unable to verify account: authority_not_in_valid_list: ‘authority’ is not in the list of valid addresses Inner Exception: The remote server returned an error: (400) Bad Request.”
I have tried running the Powershell script I found in another support request on the Octopus server and everything appears to work:
I have double checked all of the GUIDs and they are correct.
Is it possible it’s something to do with the AD Base Uri, which I currently have set as https://octopus.com/ or the Resource Management Base Uri which I’ve left blank?
Yes, it’d be that base Uri causing the problem. You only need to override those values if you’re using an isolated Azure Environment (such as Azure China/Germany etc).
If you’re just using the standard Azure Global Cloud, you can untick the “Configure Isolated Azure Environment connection” checkbox and leave the Base Uri fields blank and Octopus will automatically find and use the correct values that you need.
If you ARE using an isolated Azure Environment (China/Germany/US Gov), you can use the command shown in the Azure Environment Options section of this documentation to determine what values you need.
But if you’re just using the standard Azure Cloud, we’d recommend leaving all those Base Uri fields blank and you should be good to go.
It’s working now! I think I know what happened. I originally setup the Azure account on an older version of Octopus which is where I entered that url and I updated in the hope that it’d let me connect. I couldn’t actually see there was a value in Base Uri with the new version and “Configure Isolated Azure Environment connection” was unchecked, I had to check it then remove the url, uncheck it and it started working. It seems it still uses the “AD Endpoint Base Uri” even when “Configure Isolated Azure Environment connection” is unchecked.
Thanks for clarifying. You’ve just highlighted a bug in the UI for people who had upgraded from older versions We’ll make sure this is fixed so no one else will walk into this trap.