I am Facing Authentication failed for Active Directory Tenant when attempting to publish my named value has a reference to a KV

[vinilka8]

Please describe the feature.

"Authentication failed for Active Directory Tenant: 'https://login.microsoftonline.com/***' ClientId: '########-5e10-47b0-8ef4-e1a21b95ffa2' CorrelationId: '', exception: 'An error occurred while sending the request.'.","details":null}}'.

When I am publishing the named value I facing this issue, my named value has a reference to a KV and a secret.
In APIM I see activity log, it shows an attempt to create a named value and also showing the correlationId, Erro stating that it's Null.

[github-actions]

  Thank you for opening this issue! Please be patient while we will look into it and get back to you as this is an open source project. In the meantime make sure you take a look at the [closed issues](https://github.com/Azure/apiops/issues?q=is%3Aissue+is%3Aclosed) in case your question has already been answered. Don't forget to provide any additional information if needed (e.g. scrubbed logs, detailed feature requests,etc.).
  Whenever it's feasible, please don't hesitate to send a Pull Request (PR) our way. We'd greatly appreciate it, and we'll gladly assess and incorporate your changes.

[laksharun]

I believe you need to enabled System Identity on your APIM instance and grant access to the identity to your keyvault to read the secrets.

[vinilka8]

that has been done, same issue facing

Using slightly different configuration

[guythetechie]

Since it looks like an authentication issue, I would suggest testing with the portal. Create a named value pointing to that Key Vault secret, and if it works, run the extractor to see the generated artifact in artifacts/named values/namedValueInformation.json. This should show you the necessary format for your configuration override.

[vinilka8]

yes that was done, I have created a named value pointing to a Key Vault on DEV instance and extracted, this how it's look like

publishing back to DEV works absolutely perfect,
BUT
publishing to upper environment like TST, QA, or PROD, it's failing with bellow error, same as above
"Authentication failed for Active Directory Tenant: 'https://login.microsoftonline.com/***' ClientId: '7eb6ef34-5e10-47b0-8ef4-e1a21b95ffa2' CorrelationId: '', exception: 'An error occurred while sending the request.'.","details":null}}'.

we are using managed identity and it's has a full access to KV

[guythetechie]

What is the application with the client ID in the error message (7eb6ef34-5e10-47b0...)? You can find it in Microsoft Entra ID ->
App Registrations -> All applications.

[vinilka8]

issue is resolved, issue was on network side, thanks for help