Reputation: 125
I'm kinda lost, I'm trying to trigger a pipeline manually using the following:
I use to generate an access token using the following:
But I encountered the following error:
I'm not sure if it's related but I am assigned as a Data Factory Contributor Role, I can make pipelines but I could not publish them. But token does not says it is account related so.
I'm not sure if my client id and client secret are correct, it is the same as the one used for the database same subscription but different resource group.
How can I obtain the correct access token or is this even possible?
Upvotes: 0
Views: 1865
Reputation: 22542
I tried to reproduce the same in my environment and got below results:
I registered one Azure AD application and added API permission
like this:
Now, I generated access token via Postman same as you with below parameters:
GET https://login.microsoftonline.com/<tenantID>/oauth2/token
grant_type:client_credentials
client_id: <appID>
client_secret: <secret>
resource: https://management.azure.com/
Response:
When I ran the same query to trigger Azure Data Factory pipeline by including above access token via Postman, I got same error as below:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DataFactory/factories/{factoryName}/pipelines/{pipelineName}/createRun?api-version=2018-06-01
Response:
To resolve the error, you need to assign Data Factory Contributor
Role to service principal/application with client ID in error response, before generating access token.
Go to Azure Portal -> Data factories -> Your Data Factory -> Access control (IAM) -> Add role assignment
After assigning role to service principal, generate access token again and use it to run query.
When I ran query with new access token, I got response successfully like below:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DataFactory/factories/{factoryName}/pipelines/{pipelineName}/createRun?api-version=2018-06-01
Response:
In your case, make sure to assign Data Factory Contributor
role to service principal(Azure AD application) to resolve the error.
Upvotes: 1