Azure data factory REST API throwing error

Question

Azure data factory REST API throwing error

Vikas Tiwari 771

I am trying to fetch data through data factory using REST API OAuth2ClientCredentails, but I am getting error : {"error_description":"access_denied","error":"server_error"}, where as its working through postman and able to fetch bearer token, also its working using basic auth.

Is there any data factory sample example using REST API OAuth2ClientCredentails flow?

MartinJaffer-MSFT 26,236 Reputation points

2021-10-29T18:25:41.19+00:00

Hello @Vikas Tiwari and welcome to Microsoft Q&A.

May I ask what api you are querying against?

Also, a reminder, bearer tokens are specific to the machine which requested them. That means, the bearer token which worked under Postman on your personal computer, would not be valid when used from Data Factory, or some other computer.

Would an example fetching data from Azure Storage (either blob or Data Lake gen 2) be sufficient?
Vikas Tiwari 771 Reputation points

2021-10-29T19:13:16.113+00:00

Hi @MartinJaffer-MSFT Thanks for your reply, I am trying to fetch token/data from Salesforce API the flow looks like SF -> ADF -> Blob storage.
I understand token might not be valid but I am trying fetch fresh bearer token from ADF rest connector (not re-using token received from postman). I used postman to make sure my credentials are correct.

I am using template "Copy from REST connector to ADLS Gen2" but when I select OAuth2ClientCredetial as an auth type it ask for client_id and secret but there is no section to pass username, password and grant_type.

Any example which shows how to setup REST API connector using OAuth2ClientCredentials would work.
Lee Whieldon 6 Reputation points

2022-01-25T14:23:04.907+00:00

I too am having trouble using OAuth2ClientCredentials REST Linked Service - I need to be able to pass in a redirect_uri & I have no clue how to find ADF's redirect_uri that I can save in my source app (in this case, it's LinkedIn). Any advice on that front?
MartinJaffer-MSFT 26,236 Reputation points

2022-02-01T18:05:02.83+00:00

That is usually broken into 2 steps, @Lee Whieldon . This is because there isn't a place for the redirect_uri.

First is a Web activity to handle getting the authentication stuff.
Second is to copy from the REST.

See HERE for implentation details.

1 answer

Your answer

MartinJaffer-MSFT 26,236 Reputation points

2021-10-29T18:25:41.19+00:00

Hello @Vikas Tiwari and welcome to Microsoft Q&A.

May I ask what api you are querying against?

Also, a reminder, bearer tokens are specific to the machine which requested them. That means, the bearer token which worked under Postman on your personal computer, would not be valid when used from Data Factory, or some other computer.

Would an example fetching data from Azure Storage (either blob or Data Lake gen 2) be sufficient?
Vikas Tiwari 771 Reputation points

2021-10-29T19:13:16.113+00:00

Hi @MartinJaffer-MSFT Thanks for your reply, I am trying to fetch token/data from Salesforce API the flow looks like SF -> ADF -> Blob storage.
I understand token might not be valid but I am trying fetch fresh bearer token from ADF rest connector (not re-using token received from postman). I used postman to make sure my credentials are correct.

I am using template "Copy from REST connector to ADLS Gen2" but when I select OAuth2ClientCredetial as an auth type it ask for client_id and secret but there is no section to pass username, password and grant_type.

Any example which shows how to setup REST API connector using OAuth2ClientCredentials would work.
Lee Whieldon 6 Reputation points

2022-01-25T14:23:04.907+00:00

I too am having trouble using OAuth2ClientCredentials REST Linked Service - I need to be able to pass in a redirect_uri & I have no clue how to find ADF's redirect_uri that I can save in my source app (in this case, it's LinkedIn). Any advice on that front?
MartinJaffer-MSFT 26,236 Reputation points

2022-02-01T18:05:02.83+00:00

That is usually broken into 2 steps, @Lee Whieldon . This is because there isn't a place for the redirect_uri.

First is a Web activity to handle getting the authentication stuff.
Second is to copy from the REST.

See HERE for implentation details.

Answer 1

MartinJaffer-MSFT 26,236

My apologies for the delay @Vikas Tiwari . My home office had an internet outage.

Below are taken from one of my proof of concept pipelines. In practice, it is terrible idea to hardcode the credentials. It is better to retrieve from KeyVault. The client Id might be called username, and secret called password, in some other system.

Token Fetching URL:  
  
https://login.microsoftonline.com/mySubscriptionId/oauth2/v2.0/token  
  
Token Fetching Body:  
  
grant_type=client_credentials&client_id=myCliendId&client_secret=myClientSecret=&scope=https://storage.azure.com/.default  
  
Extract token from response expression:  
  
@activity('Get Token').output.access_token

Vikas Tiwari 771 Reputation points

2021-11-03T13:36:18.237+00:00

Thanks @MartinJaffer-MSFT I am also passing parameters exactly same way but still getting error.
MartinJaffer-MSFT 26,236 Reputation points

2021-11-05T17:31:44.547+00:00

@Vikas Tiwari
Can you share what API you are calling against? Also the full error / output. Or perhaps the full JSON you are using on ADF and Postman?

What return code did the error give you? If you didn't get one, this request might not even be getting to the API. Perhaps it is blocked by a firewall.

Oauth2ClientCredential does not use username & password to my understanding. Username & password is for basic authentication.

Share via

Azure data factory REST API throwing error

1 answer

Your answer