I login to adls gen 2 by these POST request:
https://login.microsoftonline.com//oauth2/v2.0/token
Request body:
grant_type:client_credentials
client_id: my_client_id from App registrations -> Owned applications -> Mu application
client_secret: my_client_secret from App registrations -> Owned applications -> My application
scope: https://storage.azure.com/.default
provider_type: org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider
And get successfull responce code 200:
{
"token_type": "Bearer",
"expires_in": 3599,
"ext_expires_in": 3599,
"access_token": <token>
}
After I tryed to create filesystem by using following PUT request: https://dbmiadlsgen2.dfs.core.windows.net/mydata?resource=filesystem
Headers:
Authorization - Bearer Content-Type - text/plain x-ms-version - 2018-11-09
And get folloing error:
{
"error": {
"code": "AuthorizationPermissionMismatch",
"message": "This request is not authorized to perform this operation using this permission.\nRequestId:bcb4c0d3-901f-00cc-0722-2b7f0c000000\nTime:2019-06-25T06:54:57.3437434Z"
}
}
I get grand to my user from azure portal: Storage Blob Data Contributor role, but it is not help...
How do you think what kind of role I should use? Are some request body or header parameters incorrect? Thank you.
