Share via

Authorization Failed

Lavanya Bhajanthri 200 Reputation points
2023-11-02T06:16:14.72+00:00

I attempted to programmatically invoke an Azure Data Factory pipeline from an Azure Function, but I encountered the following error:

Error Details:

AuthorizationFailed: The client ‘XXXX-XXXXX-XXXX’ with object id ‘XXX82905-XXXX-XXXXX’ does not have authorization to perform the action ‘Microsoft.DataFactory/datafactories/datapipelines/read’ over the scope /subscriptions/XXXXXX-4b15-84c6-38362XXXXXX/resourcegroups/ff farg/providers/Microsoft.DataFactory/datafactories/ADFTestFFFS/datapipelines/ADF TutorialPipelineCustom.

I’ve tried searching for similar issues, but I couldn’t find a solution. Could you please provide guidance on what might be causing this problem? Our objective is to run a Data Factory pipeline whenever a file is added to a blob, and to achieve this, we are attempting to trigger the Data Factory pipeline from an Azure Function using a blob trigger.

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
11,625 questions
Accepted answer
  1. Smaran Thoomu 24,110 Reputation points Microsoft External Staff Moderator
    2023-11-02T07:19:35.2766667+00:00

    Hi Lavanya Bhajanthri,

    Thank you for reaching out to us with your query.   

    It seems like the error message you received is related to a permission issue. The error message indicates that the client with the specified object ID does not have the required permission to perform the specified action.

    To resolve this issue, you need to ensure that the client has the necessary permissions to perform the action. You can grant the required permissions by assigning the appropriate role to the client.

    To assign a role to the client, you can follow these steps:

    1. Go to the Azure portal and navigate to the Data Factory instance that you are using.
    2. Click on the "Access control (IAM)" tab.
    3. Click on the "+ Add" button and select "Add role assignment".
    4. In the "Add role assignment" blade, select the appropriate role that you want to assign to the client. For example, you can select the "Data Factory Contributor" role.
    5. In the "Assign access to" section, select "User, group, or service principal".
    6. In the "Select" field, enter the object ID of the client that you want to assign the role to.
    7. Click on the "Save" button to save the role assignment. Once you have assigned the appropriate role to the client, you should be able to perform the specified action without encountering the "AuthorizationFailed" error.

    In case, if you are experiencing the same issue after assigning the permission. I would request you to share the screenshot of the permission you had on the data factory.

    I hope this helps! Let me know if you have any further questions.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nandan Hegde 36,146 Reputation points MVP Volunteer Moderator
    2023-11-02T06:52:32.8833333+00:00

    Hey,

    Any reason why you are triggering via Azure function and not use Event trigger of ADF directly ?
    https://learn.microsoft.com/en-us/azure/data-factory/how-to-create-event-trigger?tabs=data-factory

    Also to trigger the ADF pipeline, the Azure function or the App needs access on ADF. So give contributor access to that Azure function on ADF

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.