I figured out the issue.
At https://learn.microsoft.com/en-us/azure/azure-monitor/logs/api/access-api there are instructions to setup your Log Analytics request header with Authorization: bearer <your access token>. The problem is, when the 1st letter in bearer is lower case you get the following error.
Microsoft documentation says:
Use the token in requests to the Log Analytics endpoint:
POST /v1/workspaces/your workspace id/query?timespan=P1D
Host: https://api.loganalytics.azure.com
Content-Type: application/json
Authorization: bearer <your access token>
Body:
{
"query": "AzureActivity |summarize count() by Category"
}
Error returned if 1st letter in bearer is lower case.
{
"error": {
"message": "Valid authentication was not provided",
"code": "AuthorizationRequiredError",
"correlationId": "e73fa45e-a3ac-4bde-8af0-3205e77a8074"
}
}
Recommendation - update content at web site so bearer is alway Bearer.