rest api unauthorized Azure Data Catalog

泄露秘密 提交于 2019-12-12 06:31:01

问题


I am using Azure Data Catalog of my organization. I am not creator/administrator/owner of the Catalog but I have access to register/delete catalogs from the web interface.

I want to use rest API for Azure Data Catalog. Is it possible with my level of permission? I have followed all the steps from https://msdn.microsoft.com/en-us/library/mt428033.aspx and written the following piece of code:

class Program
{
    static void Main(string[] args)
    {
        string url = "https://api.azuredatacatalog.com/catalogs/DefaultCatalog/search/search?searchTerms=My_Server&count=10&startPage=1&api-version=2016-03-30";

        HttpWebRequest request = System.Net.WebRequest.Create(url) as System.Net.HttpWebRequest;


        Console.WriteLine(AccessToken().CreateAuthorizationHeader());


        try
        {
            WebResponse response = request.GetResponse();
            Console.WriteLine(response.ContentLength);
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
        }

        Console.ReadKey();
    }

    static AuthenticationResult AccessToken()
    {
        string resourceUri = "https://datacatalog.azure.com";

        string clientId = "my-client-id";

        string redirectUri = "my-redirect-uri";

        string authorityUri = "https://login.windows.net/common/oauth2/authorize";
        AuthenticationContext authContext = new AuthenticationContext(authorityUri);

        return authContext.AcquireToken(resourceUri, clientId, new Uri(redirectUri), PromptBehavior.RefreshSession);

    }
}

and when I try to run the search from API, I get the following error:

System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at HRBIADCAPI.Program.Main(String[] args) in c:\users\naghimir\documents\visual studio 2015\Projects\HRBIADCAPI\HRBIADCAPI\Program.cs:line 32

Now I think the problem is that I have not given access to the client program created to read/write data catalog (that I did in Azure Data Factory) but that step is not there in the documentation either.

Do I need to be the owner or can I request permission from the owner to use Azure Data Catalog API?


回答1:


Based on the description, you were using the OAuth 2.0 code grant flow to grant the app to delegate the user to manipulate the Azure Data Catalog.

To ensure the request works well, we need to grant the scope to the app like figure below:

And since the app only delegate the users’ permission, please ensure that user have the sufficient permission to operate the resource manfully.



来源:https://stackoverflow.com/questions/40214230/rest-api-unauthorized-azure-data-catalog

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!