Calling Azure APIs with the REST Extension for VS Code

The fantastic REST Client for VS Code is a popular and valuable tool when doing any work with a REST API, be it your own or a 3rd party. Using this extension you can define a set of HTTP calls in a .http or .rest file. The list of features it supports is impressive, you can use variables, chain calls together and build up a reference set of API calls which you can reuse and refer back to, or distribute with your code

Get the extension here
https://marketplace.visualstudio.com/items?itemName=humao.rest-client

Huachao / vscode-restclient

REST Client Extension for Visual Studio Code

Set up & Pre-reqs

When calling any Azure API you clearly need to authenticate, to cut a VERY long story short, this means getting an access token.

We'll use the common authentication scenario using a registered client, which is a Azure service principal plus the 'non-interactive flow' to request a token

The REST extension can help us get this token. Yay.

First create a service principal and give it the permissions to the Azure subscription you want to use.

Create a .env file and place the service principal details into it, this lets us keep secrets out of source control (I mean, you have .env included in your .gitignore of course)

AZURE_SUBSCRIPTION_ID="__YOUR_SUBSCRIPTION_ID__"
AZURE_TENANT_ID="__YOUR_TENANT_ID_ID__"
AZURE_CLIENT_ID"=__YOUR_CLIENT_ID__"
AZURE_CLIENT_SECRET="__YOUR_CLIENT_SECRET__"

Requesting an Access Token

In VS Code, create a new file with any name, but it should have .http or .rest as the file extension (like azure-api.rest) this file extension is what activates the REST Extension for VS Code.

Paste in the following contents

### Get access token to call Azure ARM API
# @name getToken 
POST https://login.microsoftonline.com/{{$dotenv %AZURE_TENANT_ID}}/oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&resource=https://management.azure.com/
&client_id={{$dotenv %AZURE_CLIENT_ID}}
&client_secret={{$dotenv %AZURE_CLIENT_SECRET}}

### Capture access token from getToken request
@authToken = {{getToken.response.body.access_token}}

The {{$dotenv %FOO}} syntax is some of the magic in the REST extension to access variables from the .env file

A "Send Request" option should light up above the POST statement, click that to make the request and you should get a pane popup with the response containing the access token (and other details)

It will store the access_token from the HTTP result into the authToken variable, to be available to subsequent requests

Calling the Azure APIs

Now you're set up to add more requests to the file and use the access token to call any Azure API

For example to list all resource groups, paste the following after the code above. Note. The comment line starting with three hashes ### is important and what the REST extension uses to delimit requests. We plug the authToken variable value into the Authorization header to authorise the request

### List all storage accounts for subscription
GET https://management.azure.com/subscriptions/{{$dotenv %AZURE_SUBSCRIPTION_ID}}/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01
Authorization: Bearer {{authToken}}

One again, hit "Send Request" just above the GET and you should get a reply from Azure listing all your resource groups. Neat!

Summary

The REST Client for VS Code makes authentication to call Azure APIs a simple and reusable task. Then calling those APIs can be easily set up without ever needing to leave your IDE