Share via

How to get access token to fetch pipeline run status through Azure Synapse REST API

Ping Li 21 Reputation points Microsoft Employee
2023-11-08T23:22:42.45+00:00

Hi team,

I am calling Azure Synapse REST API to fetch pipeline run status https://learn.microsoft.com/en-us/rest/api/synapse/data-plane/pipeline-run/query-pipeline-runs-by-workspace?view=rest-synapse-data-plane-2020-12-01&tabs=HTTP

But I got authorization failed error with access token. I added the reader access of the workspace to AAD application.User's image

User's image

User's image

I am wondering if my setup has any issue?

Many thanks,

Ping

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-11-09T13:23:22.32+00:00

    @Ping Li

    Thanks for the question and using MS Q&A platform.

    • Check the expiration time of the access token you are using. If it has expired, you will need to obtain a new access token by following the AAD authentication process.
    • Check if the AAD application has the correct permissions to access the Synapse workspace. You can do this by going to the AAD application's "API permissions" and verifying that it has the necessary permissions for the Synapse workspace.
    • Ensure that the AAD application has Synapse roles are Workspace Admin, SQL Admin, and Spark Admin.
    • Check AAD application has the Contributor role assigned to it in the Azure portal under Synapse Workspace User's image
    • Ensure that the AAD application has the necessary SQL permissions assigned to it. User's image

    Verify that you are using the correct access token when making the API call. You can use the Azure AD v2.0 endpoint to acquire the access token.

    $tenantId = "your-tenant-id"
$clientId = "your-client-id"
$clientSecret = "your-client-secret"
$resource = "https://dev.azuresynapse.net"

$tokenEndpoint = "https://login.microsoftonline.com/$tenantId/oauth2/token"
$body = @{
    grant_type = "client_credentials"
    client_id = $clientId
    client_secret = $clientSecret
    resource = $resource
}

$accessTokenResponse = Invoke-RestMethod -Method Post -Uri $tokenEndpoint -Body $body
$accessToken = $accessTokenResponse.access_token

    Make sure that the access token is included in the Authorization header of your API request. The header should be in the format "Bearer {access-token}".

    $endpoint = "https://your-workspace.dev.azuresynapse.net/queryPipelineRuns?api-version=2020-12-01"
$headers = @{
    "Authorization" = "Bearer $accessToken"
}
$response = Invoke-RestMethod -Method Post -Uri $endpoint -Headers $headers

     I hope this helps! please do Let us know if you have any further questions.

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.