This uses so-called client credentials grant for accessing the API. There are also authorization via code to get the token mentioned below.

In your account open the azure shell. After connecting create the principal

az ad sp create-for-rbac --role Contributor --scope /subscriptions/<your subscription id>

Subscription id can be obtained from URL when you are logged in to portal.azure.com or with this command

az account show --query id -o tsv

You should get the following similar info

{
  "appId": "257xxxxxxxxxxxxxxxxxxxxxx",
  "displayName": "azure-cli-2022-08-30-10-52-10",
  "password": "xxxxxxxxxxxxxxxxxxxxx",
  "tenant": "4aedxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}

This data can now be used to get query the API but you still need the BearerToken which can be obtained via this script, which can be used in Postman as a “Pre-request Script”

You can also get the token via curl see this

1. In the Azure portal, in App registrations, select your application.
2. Select Certificates & secrets > Client secrets > New client secret.
3. Add a description for your client secret.
4. Select an expiration for the secret or specify a custom lifetime. Client secret lifetime is limited to two years (24 months) or less. You can't specify a custom lifetime longer than 24 months. Microsoft recommends that you set an expiration value of less than 12 months.
5. Select Add.
6. Record the secret's value for use in your client application code. This secret value is never displayed again after you leave this page.

• Microsoft Azure accessed on 2022-08-30

• Updateing Azure database firewall via Azure API

• https://blog.jongallant.com/2021/02/azure-rest-apis-postman-2021/
• https://docs.microsoft.com/en-us/rest/api/azure/
• https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#get-a-token