none
400/403 when annotating assets with REST API RRS feed

  • Question

  • Hi,

    I came across a weird issue when annotating assets in ADC.

    Currently, I have access to two different catalogs (within two separate organizations). For both I have the same setup. Web App registered in AAD with delegated permissions and all possible permissions allocated to this app in the catalog itself (note the below issue is not produced due to using the principal web app, I got the same results when using the Native app).

    I have written an application that annotates catalog assets (imported from SQL Server using the standard Azure Data Catalog tool) using the REST API. When I use this app to annotate assets in the first catalog, everything works without an issue. All request return 200 and everything is annotated correctly.

    However, when I try to do the same with the other catalog, the same request suddenly produce errors. While I am still able to perform GET request without an issue, POST/PUT requests always return 400/403.

    For example when adding description (POST) to SQL Server table in the second catalog, I get error code 400:

    {"error":{"code":"MissingViewItemIdentity","message":"View item path must end with an item identity for this operation."}}.

    For the completely identical operation in the other catalog, I get 200.

    What is even weirder, I tried to replicate this simply using POSTMAN app. When doing POST/GET operations against the first catalog, everything works perfectly. When doing the same against the second, I get 401 error code.

    Any idea, what might cause this behavior? Could there be some specific setting in AAD that might cause this?

    Thanks,

    raisjo

    Friday, September 14, 2018 10:53 AM

All replies

  • Can you please let me what access do you have in one which is working and in one which is not working? This seems like a permission issue
    Friday, September 14, 2018 6:37 PM
    Moderator
  • For both, the setup seems to be the same. At least as far as Data Catalog settings and the Application Registration in the ADC are concerned.

    Data Catalog

    The registered principal Web Application has Admin permissions for Catalog, admin permissions for Glossary and All permissions to register/annotate/take ownership.

    Azure Active Directory

    In AAD the principal Web Application has delegated permissions for the catalog.

    Any other permissions/roles in Azure that may influence this?

    Thank you.

    Wednesday, September 19, 2018 9:00 AM
  • Can you share the code or link to the documentation you used?

    Thanks.

    James

    Wednesday, October 3, 2018 9:29 PM
    Moderator