Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,996 questions
What are the correct claims to use in a logic app when calling from a synapse workspace that has managed identity?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 97%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
adv00000
6
Reputation points
Scenario: A Synapse Workspace with a Managed Identity is used to make an HTTP call to a Logic App. The Workspace identity is granted the Contributor role in the Logic App.
On the logic app trigger, using default claims (Audience, Issuer) with or without custom claims (v1 token claims appid and appidacr, or v2 token claims azp, azpacr) return a token mismatch error to the caller.
On Synapse side, a Web Activity is used with authentication set to "Managed Identity", with the same Audience as in the Logic App trigger in the "Resource" field of the Activity settings.
How can I get this working?
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 44%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Saurabh Sharma 23,791 Reputation points Microsoft Employee2022-01-24T20:53:32.59+00:00 Hi @adv00000 ,
Thanks for using Microsoft Q&A !!
Can you please elaborate more on "On the logic app trigger, using default claims (Audience, Issuer) with or without custom claims (v1 token claims appid and appidacr, or v2 token claims azp, azpacr)".
How are you passing and checking the claims to triggers ? What kind of trigger is it ?Thanks
Saurabh -
Saurabh Sharma 23,791 Reputation points Microsoft Employee
2022-01-26T22:00:47.337+00:00 Hi @adv00000 ,
We haven't heard back from you. Just wanted to check if you are you still facing the issue? In case If you already found a solution, would you please share it here with the community? Otherwise, let us know and we will continue to engage with you on the issue.Thanks
Saurabh -
adv00000 6 Reputation points
2022-04-06T09:30:23.037+00:00 Hello Saurabh, thanks for checking in, this was an http trigger. I could not get the claims to work with the Service Principal so I switched to using Managed Identity and was able to start the trigger successfully.
-
Saurabh Sharma 23,791 Reputation points Microsoft Employee
2022-04-06T15:53:27.057+00:00 Hi @adv00000 ,
Got it and thanks for sharing your solution to the community.Thanks
Saurabh
Sign in to comment