procfwk icon indicating copy to clipboard operation
procfwk copied to clipboard

Published 20 hours ago verified publisher icon mrpaulandrew

Synapse Orchestrator: InvalidTokenAuthenticationAudience

Open ThorstenGH opened this issue 3 years ago • 1 comments

Hello,

Thanks for the great framework!

I ran into one issue: when running the "Check running pipeline" task (I am using Synapse pipelines instead of Data Factory), I get an InvalidTokenAuthenticationAudience error:

Error
{
    "errorCode": "BadRequest",
    "message": "Operation on target Check for Valid SYN Pipeline Name failed: {\"code\":\"InvalidTokenAuthenticationAudience\",\"message\":\"Token Authentication failed with SecurityTokenInvalidAudienceException - IDX10214: Audience validation failed. Audiences: '[PII is hidden]'. Did not match: validationParameters.ValidAudience: '[PII is hidden]' or validationParameters.ValidAudiences: '[PII is hidden]'.\"}",
    "failureType": "UserError",
    "target": "Is Parent Already Running",
    "details": ""
}

I think to fix it you need to replace the resource property in the utility pipeline in the orchestrator switch activity for the Synapse orchestrator from https://management.core.windows.net/" to https://dev.azuresynapse.net/

{
									"name": "Check for Valid SYN Pipeline Name",
									(...)
										"authentication": {
											"type": "MSI",
											"resource": "https://dev.azuresynapse.net/"

										}
									}
								},
								{
									"name": "Get SYN Pipeline Runs",
									(...)
										"authentication": {
											"type": "MSI",
											"resource": "https://management.core.windows.net/"
										}
									}
								}

Best, Thorsten

ThorstenGH avatar May 11 '21 11:05 ThorstenGH

@mrpaulandrew I am open to taking this. I resolved this issue on my local procfwk.

TacoTuesdayX365 avatar Aug 30 '22 17:08 TacoTuesdayX365