locked
Digital Twin provision sample error 403 RRS feed

  • Question

  • Hello,

    I have been exploring the digital twin module and have followed the digital twin "Tutorial: Deploy Azure Digital Twins and configure a spatial graph" and "Tutorial: Provision your building and monitor working conditions with Azure Digital Twins".
    Up until configuring the digital twin sample there are no problems and all settings are correct. After running the "dotnet run Provision Sample" I get the following error:

    trce: DigitalTwinsQuickstart[0]
    Request: POST <URL>
    trce: DigitalTwinsQuickstart[0]
    Response Status: 403, Forbidden {"error":{"code":"403.600.000.001","message":"System error."}}
    Completed Provisioning: []

    It seems like the "GETS" are succesfull, but whenever it tries a POST it fails.

    I hope someone can help me out.

    Thanks in advance,


    Tuesday, March 19, 2019 12:14 PM

Answers

  • This is a duplicate from a GitHub issue. https://github.com/Azure-Samples/digital-twins-samples-csharp/issues/63

    Adding response from that thread for future reference:

    The user which is trying this provision is not the same user that deployed the DT instance. If you are getting 403, it means you are not authorized by the system and you need higher permissions. Please ask the user which deployed the instance to create a role assignment for the user that gets 403. See article on how to create a role assignment https://docs.microsoft.com/en-us/azure/digital-twins/security-create-manage-role-assignments
    For example, a "Space Administrator" role assignment on the root node can be created for user which gets 403 like following
    POST on YOUR_MANAGEMENT_API_URL/roleassignments

    {
    "RoleId": "98e44ad7-28d4-4007-853b-b9968ad132d1",
    "objectId" : "",
    "objectIdType" : "UserId",
    "tenantId": "< Azure tenant id>",
    "Path": "/"
    }

    Wednesday, March 27, 2019 4:07 PM