1,647 questions
I think the problem that I had was the way that I was using the access token in Postman - it worked when I did the below
Atlas endpoint "Resource not found" via Purview API
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 63%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Mollie Chapman
5
Reputation points
Following this guide https://learn.microsoft.com/en-us/azure/purview/tutorial-atlas-2-2-apis I am trying to send any request to the atlas endpoint of my purview account (i.e. POST {{endpoint}}/api/atlas/v2/types/typedefs) or even just accessing the endpoint directly but the only response I get is: {"error":{"code":"ResourceNotFound","message":"Resource not found"}}.
I presume it is a problem with permissions but I have admin access to the subscription, resource group, purview account as well as all of the roles in the purview catalog (Collection admins_,_ Data source admins_,_ Data curators_,_ Data readers_,_ Insights readers_,_ Policy authors_,_ Workflow admins).
Can anyone suggest what could be configured incorrectly to not allow me to access the atlas endpoint?
Microsoft Security | Microsoft Purview
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 9%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
KranthiPakala-MSFT 46,642 Reputation points Microsoft Employee Moderator2023-07-14T00:30:36.3966667+00:00 @Mollie Chapman checking to see if you have got a chance to see my response. If so, could you please let me know how it goes after configuring Service principal and use it in your REST API Client?
Thank you
-
Mollie Chapman 5 Reputation points
2023-07-14T15:55:14.7933333+00:00 Hi @KranthiPakala-MSFT sorry I didn't mention I had already done the steps above to no avail. Any other suggestions are welcomed - thanks
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 33%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECA%3C/text%3E%3C/svg%3E)
Cayir Aydar, Aysegul 0 Reputation points2023-07-18T09:23:21.3933333+00:00 @Mollie Chapman , could you solve this problem? I have same issue.
Sign in to comment
3 answers
Sort by: Most helpful
-
Mollie Chapman 5 Reputation points
2023-07-18T13:00:16.1933333+00:00 -
KranthiPakala-MSFT 46,642 Reputation points Microsoft Employee Moderator
2023-07-12T21:29:01.18+00:00 @Mollie Chapman Thanks for using Microsoft Q&A forum and posting your query.
As per your statement looks like your user account has admin access to the subscription, RG, purview resource including other purview catalog permissions roles. But it doesn't state if your REST API client is using your credentials or a Service principal.
Hence, I recommend going through this document to ensure you have covered all the prerequisite to trigger Purview Atlas 2.2 APIs using your REST API Client.
As per the public document, it states that for a REST API client to access the catalog, the client must have a service principal (application), and an identity that the catalog recognizes and is configured to trust. When you make REST API calls to the catalog, they use the service principal's identity.
Customers who have used existing service principals (application IDs) have had a high rate of failure. Therefore, we recommend creating a new service principal for calling APIs.
Once after creating the service principal, please ensure to grant API permission to access Purview APIs as shown below:
Then the next step will be to assign the data plane roles of your purview account to the service principal created in the previous step at the root collection level. This is clearly documented here: Microsoft Purview - Set up authentication using service principal
If you are not sure what exact permissions is needed, the I highly recommend going through this document to understand the Purview permissions and their scope. Microsoft Purview - Who should be assigned to what role?
In addition , please double check if the endpoint used in the API URL is correct .
Hope this info helps. Let us know how it goes.
Thank you
-
Cayir Aydar, Aysegul 0 Reputation points
2023-07-18T09:27:32.3066667+00:00 @Mollie Chapman , could you solve you problem? I have a same problem.
-
Cayir Aydar, Aysegul 0 Reputation points
2023-07-18T13:10:40.5+00:00 @Mollie Chapman , where did you get Bearer Token
-
KranthiPakala-MSFT 46,642 Reputation points Microsoft Employee Moderator
2023-07-19T15:40:41.41+00:00 @Cayir Aydar, Aysegul You can get the bearer token by making the below POST api call using your Service principal details.
POST https://login.microsoftonline.com/<replace this with your service principal tenant ID>/oauth2/v2.0/tokenOnce you have the bearer token, then you can use that token as Authorization in your actual API calls (Please note that bearer token is active only for 1 hours and your will have to generate another token after it expires in 1 hour).
Hope this info helps.
-
Cayir Aydar, Aysegul 0 Reputation points
2023-07-20T07:14:32.37+00:00 Thank you
-
Cayir Aydar, Aysegul 0 Reputation points
2023-07-20T12:18:54.1366667+00:00 OK Thank you, it will be more helpful for me.
Sign in to comment -