Based on this old thread :
When encountering a 403 Forbidden error while trying to access the Synapse web UI, it typically indicates an issue with permissions or network configurations. To some extent it might have many reasons beyond normal.
To get the root of the incident, check the diagnostic logs in Azure Synapse and any related logs in your Azure environment for more detailed error messages and use Azure Monitor to gather more insights about the connection attempts and potential issues for specific solution.
However, I will provide you with possibility diagnosis that can solve the issue in a normal scenario:
- Ensure that the private endpoints for your Synapse workspace are correctly set up.
- Check that the DNS configuration is correctly resolving the private endpoint.
- Verify that the Network Security Groups (NSGs) associated with your private endpoints allow inbound traffic from your IP address or subnet.
- Ensure that the firewall settings on your Synapse workspace are correctly configured to allow access from your private endpoints.
- Ensure that the user account you are using has the necessary permissions to access the Synapse workspace.
- Check role assignments in Azure Synapse and ensure the user has at least the
Synapse Administrator
orSynapse Contributor
role. - Ensure that your DNS is correctly configured to resolve the private link FQDN to the private IP address of the private endpoint.
- If you are accessing the Synapse workspace from a VNet, ensure that the VNet integration is correctly configured.
- Check the VNet peering settings if your Synapse workspace and the accessing resources are in different VNets.
- Verify that the private link service has been approved and is in a
Connected
state.
If you could check through these lists, the problem should be solved and if not get back with more log report for best solution.