Extracting metadata from Azure Data Factory (ADF) requires appropriate permissions. Without the required access, the connection may fail or return incomplete metadata.
The import bridge connects to Azure Data Factory hosted in Microsoft Azure using Azure Active Directory (Azure AD) Service Principal authentication. Authentication is performed using OAuth2 through the Microsoft Authentication Library (MSAL) against Azure Resource Manager (ARM) APIs.
- Client ID (Application ID)
- Client Secret
- Tenant ID
- Register an Azure AD Application: Before connecting, you must create an application registration in Azure AD.
  - Go to the Microsoft Azure Portal
  - Navigate to Azure Active Directory → App registrations
  - Click New registration
  - Configure the application:
    - Name: (e.g., MIMB-ADF)
    - Supported account type: Single-tenant
    - Redirect URI: Not required
  - After creation, copy the Application (client) ID and Directory (tenant) ID
  - Go to Certificates & secrets
  - Click New client secret
  - Copy and securely store the Client Secret value

  Note: The client secret value is shown only once. Store it securely.
- Assign Required Permissions (RBAC): To allow metadata extraction from Azure Data Factory, assign read access to the Service Principal.
  - Minimum Required Role is Reader
  - Recommended Role (if available) is Data Factory Reader
  - Assign Role via Azure Portal
    - Navigate to your Azure Data Factory instance
    - Open Access Control (IAM) and click Add → Add role assignment
    - Select one of the roles:
      - Reader
      - Data Factory Reader
    - Assign access to the Service Principal (Application) you created.

  Note: Do not assign the role to a user account. The Service Principal must have direct access.
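
To confirm the result of the role assignment steps above, the following added example (not part of the original page or of the bridge's own code) audits role assignments in the shape that `az role assignment list --all -o json` returns, checking that the Service Principal holds only the read roles named here and that they are scoped to the factory. The IDs, resource names and sample records are constructed placeholders; note that `principalId` is the Service Principal's object ID, not the Application (client) ID.

```python
ALLOWED_ROLES = {"Reader", "Data Factory Reader"}  # role names as given on this page

def audit_bridge_access(assignments, sp_object_id, factory_scope):
    """Return (severity, message) findings for the Service Principal's access to one factory."""
    factory = factory_scope.rstrip("/").lower()  # ARM resource IDs are case-insensitive
    findings, has_read = [], False
    for a in assignments:
        if a.get("principalId") != sp_object_id:
            continue
        scope = a.get("scope", "").rstrip("/").lower()
        # An assignment reaches the factory if made on it or on a parent scope.
        if scope != factory and not factory.startswith(scope + "/"):
            continue
        role = a.get("roleDefinitionName", "")
        if role not in ALLOWED_ROLES:
            findings.append(("warn", f"{role} at {scope}: not one of the read roles listed for the bridge"))
            continue
        has_read = True
        if scope != factory:
            findings.append(("warn", f"{role} inherited from {scope}: wider than the factory"))
    if not has_read:
        findings.append(("error", "no Reader or Data Factory Reader assignment reaches the factory"))
    return findings

# Constructed sample data: every ID and resource name below is a placeholder.
SUB = "/subscriptions/00000000-0000-0000-0000-0000000000aa"
RG = SUB + "/resourceGroups/rg-data"
FACTORY = RG + "/providers/Microsoft.DataFactory/factories/adf-demo"
SP = "11111111-1111-1111-1111-111111111111"  # object ID of the bridge's Service Principal
SAMPLE = [
    {"principalId": SP, "principalType": "ServicePrincipal",
     "roleDefinitionName": "Reader", "scope": FACTORY},
    {"principalId": SP, "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": RG},
    {"principalId": "22222222-2222-2222-2222-222222222222", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
]

if __name__ == "__main__":
    for severity, message in audit_bridge_access(SAMPLE, SP, FACTORY):
        print(severity, message)
```

An empty result means the Service Principal has exactly the read access described above and nothing broader.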