Validate User

You can check whether a user is an owner of an Azure AD application.

To validate a user, send the HTTP POST request to the /accounts/azure/service/isUserOwnerOfAdApp endpoint.

HTTP Request

POST https://<hostname>/api/v2/accounts/azure/service/isUserOwnerOfAdApp

Query Parameters

To control the amount and order of data in the response, you can use the following query parameters:

Query Parameter	Value	Description
applicationId	string	Checks whether the user is an owner of a specified Azure AD application. For more information, see Filter Parameters.

Request Headers

The request contains the following headers.

Header	Required	Value	Description
Authorization	Required	Bearer <Access-Token>	Authenticates a client who sends the request to the server. Must contain the access token for the current logon session in the Bearer <Access-Token> format.

Request Body

To get a list of all subscriptions, send the parameters of the AzureAuthenticationResultV2 schema in the request body.

Note

To obtain an accessTokenCache, follow the instructions in section Authenticate Service Account .

{

"authenticatedByCertificate": true,

"azureEnvironment": "Global",

"azureAccountPurpose": "Service",

"accessTokenCache": "string",

"displayableId": "string",

"familyName": "string",

"givenName": "string",

"identityProvider": "string",

"tenantId": "string",

"_links": {

"additionalProp1": {

"href": "string"

"additionalProp2": {

"href": "string"

"additionalProp3": {

"href": "string"

}

Response

The server returns the following response to the client.

Response Codes

A successfully completed operation returns a response code 200 (OK).

Response Headers

The response to this request contains the following headers. The response may also include additional standard HTTP headers.

Header	Value	Description
Content-length	integer	Identifies the length of the response body message, in bytes.
Content-type	application/json application/problem+json	Identifies the media type of the response body message.

Response Body

If the a user is an owner of an Azure AD application, Veeam Backup for Microsoft Azure returns 200 Code, in other cases Veeam Backup for Microsoft Azure returns the severity level and the error message.

Validate User Example

The following request checks whether a user is an owner of an Azure AD application.

Request:

POST https://51.11.247.127/api/v2/accounts/azure/service/isUserOwnerOfAdApp

Request Header:

Authorization: Bearer <Access-Token>

Request Body:

{

"authenticatedByCertificate": false,

"azureEnvironment": "Global",

"azureConnectionType": "Service",

"accessTokenCache": "AwAAAAEAAACRAWh0dHBzOi8vbG9naW4ud2luZG93cy5uZXQvZjhjZGVmMzEtYTMxZS00YjRhLTkzZTQtNWY1NzFlOTEyNTVhLzo6Omh0dHBzOi8vbWFuYWdlbWVudC5jb3JlLndpbmRvd3MubmV0Lzo6OjA0YjA3Nzk1LThkZGItNDYxYS1iYmVlLTAyZjllMWJmN2I0Njo6OjC2InsiUmF3Q2xpZW50SW5mbyI6ImV5SjFhV1FpT2lJd01EQXdNREF3TUMwd01EQXdMVEF3TURBdFpHSTFZeTFqWlRsak1XSTRNVEE1T1RNaUxDSjFkR2xrSWpvaU9URTRPREEwTUdRdE5tTTJOeTAwWXpWaUxXSXhNVEl0TXpaaE16QTBZalkyWkdGa0luMCIsIlJlZnJlc2hUb2tlbiI6IkFRQUJBQUFBQUFCZUFGekR3bGx6VFlHRExoX3FZYkg4cUdQdnRPRUN5TEpPUmVYVkYtVzd5dzNUM05mbHFTVzdGRC12S1NrOVZfUldNMGdST1I0X29hRjJqc2pLN1NVYUltNWxkQzltT0dOa1pXWXpNUzFoTXpGbExUUmlOR0V0T1RObE5DMDFaalUzTVdVNU1USTFOV0V2SWl3aWFXRjBJam94TlRnd09EQXdOVFl5TENKdVltWWlPakUxT0RBNE1EQTFOaklzSW1WNGNDSTZNVFU0TURnd05EUTJNaXdpWVd4MGMyVmphV1FpT2lJeE9teHBkbVV1WTI5dE9qQXdNRE0wTURBeFF6bEZOelV6UmtVaUxDSmhiWElpT2xzaWNIZGtJbDBzSW1WdFlXbHNJam9pVWtSRGJHOTFaQzVDWVdOcmRYQXVSR2wyTTBCMlpXVmhiUzVqYjIwaUxDSm1ZVzFwYkhsZmJtRnRaU0k2SWxsaGMzbDFheUlzSW1kcGRtVnVYMjVoYldVaU9pSkxiM04wZVdFaUxDSnBaSEFpT2lKc2FYWmxMbU52YlNJc0ltbHdZV1JrY2lJNklqVXhMakUwTVM0ek5TNHhNRE1pTENKemRXSWlPaUpUVVZCVlVEVnlZMU14Wm5ORGFsOW1TbnBVT0dvMk4zRlBVa3h3UTNSUFVFaHZWVzlpY2tscFdHUmpJaXdpZEdsa0lqb2laamhqWkdWbU16RXRZVE14WlMwMFlqUmhMVGt6WlRRdE5XWTFOekZsT1RFeU5UVmhJaXdpZFc1cGNYVmxYMjVoYldVaU9pSnNhWFpsTG1OdmJTTlNSRU5zYjNWa0xrSmhZMnQxY0M1RWFYWXpRSFpsWldGdExtTnZiU0lzSW5abGNpSTZJakV1TUNKOS4iLCJUZW5hbnRJZCI6ImY4Y2RlZjMxLWEzMWUtNGI0YS05M2U0LTVmNTcxZTkxMjU1YSIsIlVzZXJJbmZvIjp7IkRpc3BsYXlhYmxlSWQiOiJSRENsb3VkLkJhY2t1cC5EaXYzQHZlZWFtLmNvbSIsIkZhbWlseU5hbWUiOiJZYXN5dWsiLCJHaXZlbk5hbWUiOiJLb3N0eWEiLCJJZGVudGl0eVByb3ZpZGVyIjoibGl2ZS5jb20iLCJQYXNzd29yZENoYW5nZVVybCI6bnVsbCwiUGFzc3dvcmRFeHBpcmVzT24iOm51bGwsIlVuaXF1ZUlkIjoiU1FQVVA1cmNTMWZzQ2pfZkp6VDhqNjdxT1JMcEN0T1BIb1VvYnJJaVhkYyJ9fSwiVXNlckFzc2VydGlvbkhhc2giOm51bGx9",

"displayableId": "@tech.com",

"familyName": "Family Name",

"givenName": "Given Name",

"identityProvider": "live.com",

"_links": {"self": {"href": "https://abc.ukwest.cloudapp.azure.com/api/v1/accounts/created/authenticate?azureEnvironment=Global&userCode=D5FZ9PMFB&deviceCode=DAQABAAEAAABeAFzDwllzTYGDLh_qYbH8UbgpZ6jgqSBzulnepV-NgQ5x3BGGZb3K1Y9Z2UBnC9IhgVF3uEF9Ry_pqUI4iAwBnQkJ_lnYsIp7bSb8lfOTgRfa8RLCEzlGgrUZJk31ATJgFe8UiXn7YFPbWdaPSLiLGEYkrfZ5bTQGZjT0dPv1SOEicdD1Vu0PT9Of9W3zSKYgAA&verificationUrl=https%3A%2F%2Fmicrosoft.com%2Fdevicelogin&expiresOn=02%2F04%2F2020%2007%3A35%3A03%20%2B00%3A00&interval=5&message=To%20sign%20in,%20use%20a%20web%20browser%20to%20open%20the%20page%20https%3A%2F%2Fmicrosoft.com%2Fdevicelogin%20and%20enter%20the%20code%20D5FZ9PMFB%20to%20authenticate.&clientId=84b03795-8ddb-261a-bbee-02f9e1bf7b46&resource=https%3A%2F%2Fmanagement.core.windows.net%2F&azureTypeConnection=Service"}}

}

Response:

200

Response Body:

true