question

Khushboo-8833 avatar image
0 Votes"
Khushboo-8833 asked KranthiPakala-MSFT commented

Issue while executing REST API for Azure Purview

Hi,

We have our Azure Purview Account deployed on Azure portal.
To execute REST API we are using Postman. Here we first generate our token and then using that token we try to execute the API. Each time we are executing the API we are getting the below error message - {"error":{"code":"Unauthorized","message":"Not authorized to access account"}} (403 Forbidden).
We tried giving permissions but not very sure what are the necessary permissions to be granted to be able to extract data or push data to Purview using API.

Can you please help us on an urgent basis? This is for a customer demo.

Thanks.

Regards,
Khushboo Mehta

azure-purview
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @Khushboo-8833,

Just checking in to see if the below answer helped. If this answers your query, do click Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.

0 Votes 0 ·

1 Answer

KranthiPakala-MSFT avatar image
0 Votes"
KranthiPakala-MSFT answered

Hello @Khushboo-8833,

Thanks for the question and using MS Q&A platform.

For accounts created on or after 8/18, we need to assign the service principal Purview Data Curator role at collection level and not in Azure Portal for these APIs to work. For more information, please refer to this doc: Create and manage collections in Microsoft Purview

You will have to assign the following roles to the service principal to access various data planes in Microsoft Purview.

  • Data Curator role to access Catalog Data plane.

  • Data Source Administrator role to access Scanning Data plane.

  • Collection Admin role to access Account Data Plane and Metadata policy Data Plane.

NOTE: Please note that only members of the Collection Admin role can assign data plane roles in Microsoft Purview.

To explore about the Access control in the Microsoft Purview Data Map please refer to this doc: Microsoft Purview - Who should be assigned to what role?

205283-image.png

205274-image.png

205207-image.png

Below is an important note from product team when you use existing service principals for calling Azure Purview REST APIs

205266-image.png

I would also recommend going through this helpful doc for using Purview REST APIs: Tutorial: Use the REST APIs

Hope this will help. Please let us know if any further queries.


  • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how

  • Want a reminder to come back and check responses? Here is how to subscribe to a notification

  • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators



image.png (81.9 KiB)
image.png (42.9 KiB)
image.png (96.8 KiB)
image.png (20.6 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.