Search code examples
restazureazure-data-factoryazure-data-catalog

rest api unauthorized Azure Data Catalog

I am using Azure Data Catalog of my organization. I am not creator/administrator/owner of the Catalog but I have access to register/delete catalogs from the web interface.

I want to use rest API for Azure Data Catalog. Is it possible with my level of permission? I have followed all the steps from https://msdn.microsoft.com/en-us/library/mt428033.aspx and written the following piece of code:

class Program
{
    static void Main(string[] args)
    {
        string url = "https://api.azuredatacatalog.com/catalogs/DefaultCatalog/search/search?searchTerms=My_Server&count=10&startPage=1&api-version=2016-03-30";

        HttpWebRequest request = System.Net.WebRequest.Create(url) as System.Net.HttpWebRequest;


        Console.WriteLine(AccessToken().CreateAuthorizationHeader());


        try
        {
            WebResponse response = request.GetResponse();
            Console.WriteLine(response.ContentLength);
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
        }

        Console.ReadKey();
    }

    static AuthenticationResult AccessToken()
    {
        string resourceUri = "https://datacatalog.azure.com";

        string clientId = "my-client-id";

        string redirectUri = "my-redirect-uri";

        string authorityUri = "https://login.windows.net/common/oauth2/authorize";
        AuthenticationContext authContext = new AuthenticationContext(authorityUri);

        return authContext.AcquireToken(resourceUri, clientId, new Uri(redirectUri), PromptBehavior.RefreshSession);

    }
}

and when I try to run the search from API, I get the following error:

System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at HRBIADCAPI.Program.Main(String[] args) in c:\users\naghimir\documents\visual studio 2015\Projects\HRBIADCAPI\HRBIADCAPI\Program.cs:line 32

Now I think the problem is that I have not given access to the client program created to read/write data catalog (that I did in Azure Data Factory) but that step is not there in the documentation either.

Do I need to be the owner or can I request permission from the owner to use Azure Data Catalog API?

Solution

  • Based on the description, you were using the OAuth 2.0 code grant flow to grant the app to delegate the user to manipulate the Azure Data Catalog.

    To ensure the request works well, we need to grant the scope to the app like figure below: enter image description here

    And since the app only delegate the users’ permission, please ensure that user have the sufficient permission to operate the resource manfully.