How to manage every Microsoft Azure user resource with access token?
I would like to create an MVC application, where users can be authorized with their Azure subscription and after that my application can manage their resources hosted in Microsoft Azure (VM-s, Web Sites, etc.)
I created an application with the help of this tutorial.
I can create cloud storages, VMs, etc, so it seems works fine.
After that I tried to log in with a different Azure account. I can get the Subscription, but I can't manage the resources of that user, I always get an exception:
Additional information: AuthenticationFailed: A security token exception occured for the received JWT token.
It seems that with this technique I can manage only my resources.
My question is how can I do the following with every other user? Can I do this with this method or I have to make it another way?
The application you are creating is allowed to access your resources, and not the resources of other subscriptions. If you want to manage other subscriptions you would need to have one application defined as in the tutorial for every subscription you want to manage.
AFAIK, there is no API to create an application in AAD, therefore your scenario would require users to manually create these applications, which seems to me a dealbreaker.