Cosmosdb Resource Token Authorization Header using a REST call












1















Cosmosdb has the concept of a permission for a user. That permission contains a token that can be used to access a specified partition for a limited time with limited access.



I've created a resource token broker, which creates the permission, retrieves the token and returns it to a client Xamarin Forms app. So far so good.



If I am using the DocumentClient from the .NET SDK, that token - unmodified - works great.



However, I'd like to avoid having a dependency on DocumentClient in my app and just instead make REST api calls directly to Cosmosdb.



If I put that token in the authorization header, I get format errors for that header. I can't find the source code to the SDK, and all the samples are built modifying a master token.



Can anyone explain/point/sample me on what I have to do to that resource token that I get from the permission to make it an acceptable header so I can just make a REST call?



TIA






azure-cosmosdb







share|improve this question



























    1















    Cosmosdb has the concept of a permission for a user. That permission contains a token that can be used to access a specified partition for a limited time with limited access.



    I've created a resource token broker, which creates the permission, retrieves the token and returns it to a client Xamarin Forms app. So far so good.



    If I am using the DocumentClient from the .NET SDK, that token - unmodified - works great.



    However, I'd like to avoid having a dependency on DocumentClient in my app and just instead make REST api calls directly to Cosmosdb.



    If I put that token in the authorization header, I get format errors for that header. I can't find the source code to the SDK, and all the samples are built modifying a master token.



    Can anyone explain/point/sample me on what I have to do to that resource token that I get from the permission to make it an acceptable header so I can just make a REST call?



    TIA






    azure-cosmosdb







    share|improve this question

























      1












      1








      1








      Cosmosdb has the concept of a permission for a user. That permission contains a token that can be used to access a specified partition for a limited time with limited access.



      I've created a resource token broker, which creates the permission, retrieves the token and returns it to a client Xamarin Forms app. So far so good.



      If I am using the DocumentClient from the .NET SDK, that token - unmodified - works great.



      However, I'd like to avoid having a dependency on DocumentClient in my app and just instead make REST api calls directly to Cosmosdb.



      If I put that token in the authorization header, I get format errors for that header. I can't find the source code to the SDK, and all the samples are built modifying a master token.



      Can anyone explain/point/sample me on what I have to do to that resource token that I get from the permission to make it an acceptable header so I can just make a REST call?



      TIA






      azure-cosmosdb







      share|improve this question














      Cosmosdb has the concept of a permission for a user. That permission contains a token that can be used to access a specified partition for a limited time with limited access.



      I've created a resource token broker, which creates the permission, retrieves the token and returns it to a client Xamarin Forms app. So far so good.



      If I am using the DocumentClient from the .NET SDK, that token - unmodified - works great.



      However, I'd like to avoid having a dependency on DocumentClient in my app and just instead make REST api calls directly to Cosmosdb.



      If I put that token in the authorization header, I get format errors for that header. I can't find the source code to the SDK, and all the samples are built modifying a master token.



      Can anyone explain/point/sample me on what I have to do to that resource token that I get from the permission to make it an acceptable header so I can just make a REST call?



      TIA






      azure-cosmosdb




      azure-cosmosdb






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 16 '18 at 21:44









      nhwillynhwilly

      301211




      301211
























          2 Answers
          2






          active

          oldest

          votes


















          1














          Based on your description, I think you already know how to get resource token. All your jobs are good except the resource token format. You need to urlencode your resource token then your code will be fine. I tested it successfully.



          var databaseId = "db";
          
var collectionId = "coll";
          
var datetime = DateTime.UtcNow.ToString("R");
          
var version = "2017-02-22";
          
var resourceId = $"dbs/{databaseId}/colls/{collectionId}";
          
var auth = "type%3Dresource%26ver%3D1%26sig%3Dny%2BUlL6QIWR69OfiaSjTsw%3D%3D%3B%2Ba%2FwmK37zLn%2FoilfztnXpfyCN3n9tChunmpBdROF8BH4**********************oU0BJ4z8aDZT%2F%2FgTVJ0hgpXTK8UYMOrL5di3he9wbvQwFkFOdpXD7%2B%2Byhmb1uUOnq%2Fyp454O2fQKR8uA3KaiLCCjYZ6qr%2BQ%2BTV1Cu1u%2F6Yj34nc4UYtpRBX5K************qCGjhvpQ%3D%3D%3B";
          

          
var urlPath = $"https://***.documents.azure.com/dbs/db/colls/coll/docs/1";
          
Uri uri = new Uri(urlPath);
          
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          
HttpClient client = new HttpClient();
          

          
client.DefaultRequestHeaders.Add("x-ms-date", datetime);
          
client.DefaultRequestHeaders.Add("x-ms-version", version);   
          
client.DefaultRequestHeaders.Add("Authorization", auth);
          
HttpResponseMessage response = client.SendAsync(request).Result;
          
var status = response.IsSuccessStatusCode;
          
var message = response.RequestMessage;





          share|improve this answer
























          • I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

            – nhwilly
            Nov 19 '18 at 21:34



















          1














          Jay's solution was correct. I was missing a couple of parts. This entry is for any poor devil facing the same things.




          1. The token that actually comes back from Cosmosdb in the permission object is not encoded, as Jay pointed out. As of .Net Core 2.x you need to use WebUtility.UrlEncode(token) to get it in the right format. I spent an hour using HtmlEncode not UrlEncode. I'm an idiot.


          {UPDATE: I'm even dumber than originally thought. You have to use HttpUtility.UrlEncode, not WebUtility.UrlEncode. This is because they encode differently. WebUtility ends up with stuff like %3D while HttpUtility encodes it %3d. That's not important except when it comes to auth tokens. When I ran Fiddler on a DocumentClient call I noticed the tokens contains lower cased encoding values.} So ignore #1 above and use HttpUtility instead.




          1. I mentioned that I was using partitions in the original question, but Jay's answer didn't cover that, so I was still failing. I was specifying a partition key, but it's not clear from the docs whether that's the partition key path or the partition key value. And that's not obvious if you believe that the permission token will contain a permission key value when it's created. No way to know what's going on under the covers. Trial and error. My personal fav.


          2. But the less than obvious kicker is the format of the partition key. If you are limiting the permission to a partition then you need to specify the partition in the header, like this:



            client.DefaultRequestHeaders.Add("x-ms-documentdb-partitionkey", partitions);




          3. And you need to format the partitions variable like this:



            string json = JsonConvert.SerializeObject(new { "b39bcd43-8d3d-*********-4e4492fa3e7d" });



          And that's because Cosmodb is expecting an array of partition keys, even though it only accepts on partition key in the list (as I understand it anyway). If you don't want to use JsonConvert you can build it manually, using $"["{yourPartitionKey}"]".



          After all that it worked like a peach. Thanks, again, Jay!






          share|improve this answer





















          • 1





            It seems my answer is very imperfect. Really appreciate for your sharing!

            – Jay Gong
            Nov 20 '18 at 1:04











          • No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

            – nhwilly
            Nov 20 '18 at 17:05











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53345837%2fcosmosdb-resource-token-authorization-header-using-a-rest-call%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          Based on your description, I think you already know how to get resource token. All your jobs are good except the resource token format. You need to urlencode your resource token then your code will be fine. I tested it successfully.



          var databaseId = "db";
          
var collectionId = "coll";
          
var datetime = DateTime.UtcNow.ToString("R");
          
var version = "2017-02-22";
          
var resourceId = $"dbs/{databaseId}/colls/{collectionId}";
          
var auth = "type%3Dresource%26ver%3D1%26sig%3Dny%2BUlL6QIWR69OfiaSjTsw%3D%3D%3B%2Ba%2FwmK37zLn%2FoilfztnXpfyCN3n9tChunmpBdROF8BH4**********************oU0BJ4z8aDZT%2F%2FgTVJ0hgpXTK8UYMOrL5di3he9wbvQwFkFOdpXD7%2B%2Byhmb1uUOnq%2Fyp454O2fQKR8uA3KaiLCCjYZ6qr%2BQ%2BTV1Cu1u%2F6Yj34nc4UYtpRBX5K************qCGjhvpQ%3D%3D%3B";
          

          
var urlPath = $"https://***.documents.azure.com/dbs/db/colls/coll/docs/1";
          
Uri uri = new Uri(urlPath);
          
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          
HttpClient client = new HttpClient();
          

          
client.DefaultRequestHeaders.Add("x-ms-date", datetime);
          
client.DefaultRequestHeaders.Add("x-ms-version", version);   
          
client.DefaultRequestHeaders.Add("Authorization", auth);
          
HttpResponseMessage response = client.SendAsync(request).Result;
          
var status = response.IsSuccessStatusCode;
          
var message = response.RequestMessage;





          share|improve this answer
























          • I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

            – nhwilly
            Nov 19 '18 at 21:34
















          1














          Based on your description, I think you already know how to get resource token. All your jobs are good except the resource token format. You need to urlencode your resource token then your code will be fine. I tested it successfully.



          var databaseId = "db";
          
var collectionId = "coll";
          
var datetime = DateTime.UtcNow.ToString("R");
          
var version = "2017-02-22";
          
var resourceId = $"dbs/{databaseId}/colls/{collectionId}";
          
var auth = "type%3Dresource%26ver%3D1%26sig%3Dny%2BUlL6QIWR69OfiaSjTsw%3D%3D%3B%2Ba%2FwmK37zLn%2FoilfztnXpfyCN3n9tChunmpBdROF8BH4**********************oU0BJ4z8aDZT%2F%2FgTVJ0hgpXTK8UYMOrL5di3he9wbvQwFkFOdpXD7%2B%2Byhmb1uUOnq%2Fyp454O2fQKR8uA3KaiLCCjYZ6qr%2BQ%2BTV1Cu1u%2F6Yj34nc4UYtpRBX5K************qCGjhvpQ%3D%3D%3B";
          

          
var urlPath = $"https://***.documents.azure.com/dbs/db/colls/coll/docs/1";
          
Uri uri = new Uri(urlPath);
          
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          
HttpClient client = new HttpClient();
          

          
client.DefaultRequestHeaders.Add("x-ms-date", datetime);
          
client.DefaultRequestHeaders.Add("x-ms-version", version);   
          
client.DefaultRequestHeaders.Add("Authorization", auth);
          
HttpResponseMessage response = client.SendAsync(request).Result;
          
var status = response.IsSuccessStatusCode;
          
var message = response.RequestMessage;





          share|improve this answer
























          • I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

            – nhwilly
            Nov 19 '18 at 21:34














          1












          1








          1







          Based on your description, I think you already know how to get resource token. All your jobs are good except the resource token format. You need to urlencode your resource token then your code will be fine. I tested it successfully.



          var databaseId = "db";
          
var collectionId = "coll";
          
var datetime = DateTime.UtcNow.ToString("R");
          
var version = "2017-02-22";
          
var resourceId = $"dbs/{databaseId}/colls/{collectionId}";
          
var auth = "type%3Dresource%26ver%3D1%26sig%3Dny%2BUlL6QIWR69OfiaSjTsw%3D%3D%3B%2Ba%2FwmK37zLn%2FoilfztnXpfyCN3n9tChunmpBdROF8BH4**********************oU0BJ4z8aDZT%2F%2FgTVJ0hgpXTK8UYMOrL5di3he9wbvQwFkFOdpXD7%2B%2Byhmb1uUOnq%2Fyp454O2fQKR8uA3KaiLCCjYZ6qr%2BQ%2BTV1Cu1u%2F6Yj34nc4UYtpRBX5K************qCGjhvpQ%3D%3D%3B";
          

          
var urlPath = $"https://***.documents.azure.com/dbs/db/colls/coll/docs/1";
          
Uri uri = new Uri(urlPath);
          
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          
HttpClient client = new HttpClient();
          

          
client.DefaultRequestHeaders.Add("x-ms-date", datetime);
          
client.DefaultRequestHeaders.Add("x-ms-version", version);   
          
client.DefaultRequestHeaders.Add("Authorization", auth);
          
HttpResponseMessage response = client.SendAsync(request).Result;
          
var status = response.IsSuccessStatusCode;
          
var message = response.RequestMessage;





          share|improve this answer













          Based on your description, I think you already know how to get resource token. All your jobs are good except the resource token format. You need to urlencode your resource token then your code will be fine. I tested it successfully.



          var databaseId = "db";
          
var collectionId = "coll";
          
var datetime = DateTime.UtcNow.ToString("R");
          
var version = "2017-02-22";
          
var resourceId = $"dbs/{databaseId}/colls/{collectionId}";
          
var auth = "type%3Dresource%26ver%3D1%26sig%3Dny%2BUlL6QIWR69OfiaSjTsw%3D%3D%3B%2Ba%2FwmK37zLn%2FoilfztnXpfyCN3n9tChunmpBdROF8BH4**********************oU0BJ4z8aDZT%2F%2FgTVJ0hgpXTK8UYMOrL5di3he9wbvQwFkFOdpXD7%2B%2Byhmb1uUOnq%2Fyp454O2fQKR8uA3KaiLCCjYZ6qr%2BQ%2BTV1Cu1u%2F6Yj34nc4UYtpRBX5K************qCGjhvpQ%3D%3D%3B";
          

          
var urlPath = $"https://***.documents.azure.com/dbs/db/colls/coll/docs/1";
          
Uri uri = new Uri(urlPath);
          
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          
HttpClient client = new HttpClient();
          

          
client.DefaultRequestHeaders.Add("x-ms-date", datetime);
          
client.DefaultRequestHeaders.Add("x-ms-version", version);   
          
client.DefaultRequestHeaders.Add("Authorization", auth);
          
HttpResponseMessage response = client.SendAsync(request).Result;
          
var status = response.IsSuccessStatusCode;
          
var message = response.RequestMessage;






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 19 '18 at 9:12









          Jay GongJay Gong

          8,5751512




          8,5751512













          • I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

            – nhwilly
            Nov 19 '18 at 21:34



















          • I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

            – nhwilly
            Nov 19 '18 at 21:34

















          I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

          – nhwilly
          Nov 19 '18 at 21:34





          I marked this as the answer as no one was really willing to take a shot at this, so that you, Jay, for that one. I'm going to try to add some more facts to the answer, though.

          – nhwilly
          Nov 19 '18 at 21:34













          1














          Jay's solution was correct. I was missing a couple of parts. This entry is for any poor devil facing the same things.




          1. The token that actually comes back from Cosmosdb in the permission object is not encoded, as Jay pointed out. As of .Net Core 2.x you need to use WebUtility.UrlEncode(token) to get it in the right format. I spent an hour using HtmlEncode not UrlEncode. I'm an idiot.


          {UPDATE: I'm even dumber than originally thought. You have to use HttpUtility.UrlEncode, not WebUtility.UrlEncode. This is because they encode differently. WebUtility ends up with stuff like %3D while HttpUtility encodes it %3d. That's not important except when it comes to auth tokens. When I ran Fiddler on a DocumentClient call I noticed the tokens contains lower cased encoding values.} So ignore #1 above and use HttpUtility instead.




          1. I mentioned that I was using partitions in the original question, but Jay's answer didn't cover that, so I was still failing. I was specifying a partition key, but it's not clear from the docs whether that's the partition key path or the partition key value. And that's not obvious if you believe that the permission token will contain a permission key value when it's created. No way to know what's going on under the covers. Trial and error. My personal fav.


          2. But the less than obvious kicker is the format of the partition key. If you are limiting the permission to a partition then you need to specify the partition in the header, like this:



            client.DefaultRequestHeaders.Add("x-ms-documentdb-partitionkey", partitions);




          3. And you need to format the partitions variable like this:



            string json = JsonConvert.SerializeObject(new { "b39bcd43-8d3d-*********-4e4492fa3e7d" });



          And that's because Cosmodb is expecting an array of partition keys, even though it only accepts on partition key in the list (as I understand it anyway). If you don't want to use JsonConvert you can build it manually, using $"["{yourPartitionKey}"]".



          After all that it worked like a peach. Thanks, again, Jay!






          share|improve this answer





















          • 1





            It seems my answer is very imperfect. Really appreciate for your sharing!

            – Jay Gong
            Nov 20 '18 at 1:04











          • No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

            – nhwilly
            Nov 20 '18 at 17:05
















          1














          Jay's solution was correct. I was missing a couple of parts. This entry is for any poor devil facing the same things.




          1. The token that actually comes back from Cosmosdb in the permission object is not encoded, as Jay pointed out. As of .Net Core 2.x you need to use WebUtility.UrlEncode(token) to get it in the right format. I spent an hour using HtmlEncode not UrlEncode. I'm an idiot.


          {UPDATE: I'm even dumber than originally thought. You have to use HttpUtility.UrlEncode, not WebUtility.UrlEncode. This is because they encode differently. WebUtility ends up with stuff like %3D while HttpUtility encodes it %3d. That's not important except when it comes to auth tokens. When I ran Fiddler on a DocumentClient call I noticed the tokens contains lower cased encoding values.} So ignore #1 above and use HttpUtility instead.




          1. I mentioned that I was using partitions in the original question, but Jay's answer didn't cover that, so I was still failing. I was specifying a partition key, but it's not clear from the docs whether that's the partition key path or the partition key value. And that's not obvious if you believe that the permission token will contain a permission key value when it's created. No way to know what's going on under the covers. Trial and error. My personal fav.


          2. But the less than obvious kicker is the format of the partition key. If you are limiting the permission to a partition then you need to specify the partition in the header, like this:



            client.DefaultRequestHeaders.Add("x-ms-documentdb-partitionkey", partitions);




          3. And you need to format the partitions variable like this:



            string json = JsonConvert.SerializeObject(new { "b39bcd43-8d3d-*********-4e4492fa3e7d" });



          And that's because Cosmodb is expecting an array of partition keys, even though it only accepts on partition key in the list (as I understand it anyway). If you don't want to use JsonConvert you can build it manually, using $"["{yourPartitionKey}"]".



          After all that it worked like a peach. Thanks, again, Jay!






          share|improve this answer





















          • 1





            It seems my answer is very imperfect. Really appreciate for your sharing!

            – Jay Gong
            Nov 20 '18 at 1:04











          • No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

            – nhwilly
            Nov 20 '18 at 17:05














          1












          1








          1







          Jay's solution was correct. I was missing a couple of parts. This entry is for any poor devil facing the same things.




          1. The token that actually comes back from Cosmosdb in the permission object is not encoded, as Jay pointed out. As of .Net Core 2.x you need to use WebUtility.UrlEncode(token) to get it in the right format. I spent an hour using HtmlEncode not UrlEncode. I'm an idiot.


          {UPDATE: I'm even dumber than originally thought. You have to use HttpUtility.UrlEncode, not WebUtility.UrlEncode. This is because they encode differently. WebUtility ends up with stuff like %3D while HttpUtility encodes it %3d. That's not important except when it comes to auth tokens. When I ran Fiddler on a DocumentClient call I noticed the tokens contains lower cased encoding values.} So ignore #1 above and use HttpUtility instead.




          1. I mentioned that I was using partitions in the original question, but Jay's answer didn't cover that, so I was still failing. I was specifying a partition key, but it's not clear from the docs whether that's the partition key path or the partition key value. And that's not obvious if you believe that the permission token will contain a permission key value when it's created. No way to know what's going on under the covers. Trial and error. My personal fav.


          2. But the less than obvious kicker is the format of the partition key. If you are limiting the permission to a partition then you need to specify the partition in the header, like this:



            client.DefaultRequestHeaders.Add("x-ms-documentdb-partitionkey", partitions);




          3. And you need to format the partitions variable like this:



            string json = JsonConvert.SerializeObject(new { "b39bcd43-8d3d-*********-4e4492fa3e7d" });



          And that's because Cosmodb is expecting an array of partition keys, even though it only accepts on partition key in the list (as I understand it anyway). If you don't want to use JsonConvert you can build it manually, using $"["{yourPartitionKey}"]".



          After all that it worked like a peach. Thanks, again, Jay!






          share|improve this answer















          Jay's solution was correct. I was missing a couple of parts. This entry is for any poor devil facing the same things.




          1. The token that actually comes back from Cosmosdb in the permission object is not encoded, as Jay pointed out. As of .Net Core 2.x you need to use WebUtility.UrlEncode(token) to get it in the right format. I spent an hour using HtmlEncode not UrlEncode. I'm an idiot.


          {UPDATE: I'm even dumber than originally thought. You have to use HttpUtility.UrlEncode, not WebUtility.UrlEncode. This is because they encode differently. WebUtility ends up with stuff like %3D while HttpUtility encodes it %3d. That's not important except when it comes to auth tokens. When I ran Fiddler on a DocumentClient call I noticed the tokens contains lower cased encoding values.} So ignore #1 above and use HttpUtility instead.




          1. I mentioned that I was using partitions in the original question, but Jay's answer didn't cover that, so I was still failing. I was specifying a partition key, but it's not clear from the docs whether that's the partition key path or the partition key value. And that's not obvious if you believe that the permission token will contain a permission key value when it's created. No way to know what's going on under the covers. Trial and error. My personal fav.


          2. But the less than obvious kicker is the format of the partition key. If you are limiting the permission to a partition then you need to specify the partition in the header, like this:



            client.DefaultRequestHeaders.Add("x-ms-documentdb-partitionkey", partitions);




          3. And you need to format the partitions variable like this:



            string json = JsonConvert.SerializeObject(new { "b39bcd43-8d3d-*********-4e4492fa3e7d" });



          And that's because Cosmodb is expecting an array of partition keys, even though it only accepts on partition key in the list (as I understand it anyway). If you don't want to use JsonConvert you can build it manually, using $"["{yourPartitionKey}"]".



          After all that it worked like a peach. Thanks, again, Jay!







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Dec 9 '18 at 19:19

























          answered Nov 19 '18 at 22:44









          nhwillynhwilly

          301211




          301211








          • 1





            It seems my answer is very imperfect. Really appreciate for your sharing!

            – Jay Gong
            Nov 20 '18 at 1:04











          • No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

            – nhwilly
            Nov 20 '18 at 17:05














          • 1





            It seems my answer is very imperfect. Really appreciate for your sharing!

            – Jay Gong
            Nov 20 '18 at 1:04











          • No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

            – nhwilly
            Nov 20 '18 at 17:05








          1




          1





          It seems my answer is very imperfect. Really appreciate for your sharing!

          – Jay Gong
          Nov 20 '18 at 1:04





          It seems my answer is very imperfect. Really appreciate for your sharing!

          – Jay Gong
          Nov 20 '18 at 1:04













          No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

          – nhwilly
          Nov 20 '18 at 17:05





          No, man, it was great. I was really struggling that it was even possible and the error codes were not helpful at all. You proving to me it could be done was what broke the ice.

          – nhwilly
          Nov 20 '18 at 17:05


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53345837%2fcosmosdb-resource-token-authorization-header-using-a-rest-call%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          這個網誌中的熱門文章

          Tangent Lines Diagram Along Smooth Curve

          圖片
          7 1 I am trying to replicate a diagram and have a minimal example. I don't know how to add additional tangents between the specified points and preserve smoothness. documentclass{article} usepackage{tikz} usetikzlibrary{calc,intersections} begin{document} begin{tikzpicture} % Axes draw [->, name path=x] (-1,0) -- (11,0) node [right] {$x$}; draw [->] (0,-1) -- (0,6) node [above] {$y$}; % Origin node at (0,0) [below left] {$0$}; % Points coordinate (start) at (1,-0.8); coordinate (c1) at (3,3); coordinate (c2) at (5.5,1.5); coordinate (c3) at (8,4); coordinate (end) at (10.5,-0.8); % show the points foreach n in {start,c1,c2,c3,end} fill [black] (n) circle (2pt) node [below] {}; % join the coordinates draw [thick,name path=curve] (start) to[out=70,in=180] (c1) to[out=0,in=180]
          閱讀完整內容

          Yusuf al-Mu'taman ibn Hud

          圖片
          Main article: Taifa of Zaragoza Al-Mu'taman Ruler of Zaragoza Reign 1081–1085 Predecessor Ahmad al-Muqtadir Successor Al-Mustain II Born Zaragoza Died 1085 Full name Yusuf ibn Ahmad al-Mu'taman ibn Hūd House Banu Hud Yusuf ibn Ahmad al-Mu'taman ibn Hūd (Arabic: المؤتمن بالله يوسف إبن أحمد إبن هود ‎, al-Mutaman bi l-Lah , died c. 1085) was the third king of the Banu Hud dynasty who ruled over the Taifa of Zaragoza from 1081 to 1085. Yusuf al-Mutaman reigned during the height of power of Muslim Zaragoza , following the thriving period of his father Ahmad al-Muqtadir. He continued his father's efforts and created around him a court of intellectuals, living in the beautiful palace of Aljafería, nicknamed as "the palace of joy". Al-Mu'taman was also a scholarly king and a patron of science, philosophy and arts. As an example of a wise king, he knew astrology, philosophy, and especially mathematics, a discipline in which
          閱讀完整內容

          Zucchini

          圖片
          This article is about the vegetable. For other uses, see Zucchini (disambiguation). Zucchini (courgette) A striped and a uniform color zucchini Genus Cucurbita Species Cucurbita pepo Origin 19th century northern Italy The zucchini ( / z uː ˈ k iː n i / , American English) or courgette ( / k ʊər ˈ ʒ ɛ t / , British English) is a summer squash which can reach nearly 1 metre (100 cm; 39 in) in length, but is usually harvested when still immature at about 15 to 25 cm (6 to 10 in). [1] A zucchini is a thin-skinned cultivar of what in Britain and Ireland is referred to as a marrow. [2] [3] In South Africa, a zucchini is known as a baby marrow. Along with certain other squashes and pumpkins, the zucchini belongs to the species Cucurbita pepo . It can be dark or light green. A related hybrid, the golden zucchini, is a deep yellow or orange color. [4] In a culinary context, the zucchini is treated as a vegetable; it is usually cooked and presented as a savory dish o
          閱讀完整內容