- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Newbie help with Pipeline copy from Web API that uses header token
Hi, I'm (completely) new to data pipelines - I come from a Power BI world so I know dataflows not pipelines.
I'm trying to use a COPY activity to copy data from a web API. From PowerShell I'm able to call the web API using code similar to the following. I'd like to use a COPY activity to do the same.
The issue I'm running in to is creating the connector. The API connector only allows you to choose NONE or BASIC for the authentication types. I see in this post Solved: Web API: Headers in Web-Activity vs. Headers in Co... - Microsoft Fabric Community that it's possible to add in header token info after the connection is created. But I'm unable to create the connection in the first place due to authentication failing because I can't pass in the header token in the "create connection" dialog.
Any advice on how to get this to work?
Thanks,
Scott
p.s. the PowerShell script I use is similar to the following:
$uri = 'https://someurl.com/api/nameofapitouse'
$headers = @{
'some_api_token' = 'HARD CODED token value given to our organization to use'
}
$DataFromAPI = Invoke-RestMethod -Uri $uri -Method Get -Headers $headers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1st step, get bearer token with a Web Activity.
2nd step, add output from the 1st step into authorization header of copy source connector (source connection is a "dummy" connection when created with anonymous/none authetication type, runtime get authenticated with bearer token header) .
You can refer to How to pass bearer token API in Azure Data Factory - Stack Overflow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @GraceGu , I had actually seen (and tried) that Stack Overflow post with no success. I'm unable to create a dummy connection using anonymous/none type - when I try, it fails to authenticate and won't let me continue - so the dummy connection never gets created. Screenshot below.
Since I'm unable to get the dummy connection to save, I'm not able to move forward to the point where I can add the header info. Any suggestions?
Thanks,
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey Scott,
for the copy activity you need to use a WEB connector. Give it the base URL and no authentication. Then in the copy activity itself on the source tab, you can define the connection type as REST. Complete the rest of the URL in the Relative URL field and then you open the advanced options and add your Authorization header.
It stumped me for an hour when I first encountered it, it's really not intuitive. The REST connector is only useful in very limited scenarios, for anything needing a bearer token it has to be WEB. Especially frustrating considering all of the MS REST APIs actually need bearers, so you can't use the connector for anything they produce 😄
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi @DavidCousins , trying to follow your suggestion but not making much progress. I set up a pipeline and add a copy activity, then go to the Sources tab:
When I click to add the new connection, there isn'ta WEB connector offered, only HTTP or REST:
With either of those two options, I don't have the opportunity to enter the header token, and therefore can't get past connector creation.
Am I missing something? I did notice that I can add a WEB activity directly in to the pipeline, and using it I can enter the header info and it seems to return data - but I'm not sure at that point how to "hook it up" to the copy activity so it can be used as a source.
Sorry for the newbie questions, thank you for the assistance!
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wasnt as clear as I could have been, so no worries! I can't add images sadly, but heres some instructions:
- In your pipeline create string Variables called bearer_type and bearer_token and set the values as your "some_api_token" and "hard coded" token, respectively
- In a copy activity for source create a HTTP source against the base URL for your API. In your example it's https://someurl.com/
- Use Anonymous for the authentication of this connection. If this URL isnt publically pingable then this will fail and you won't be able to do this until On-Prem data gateways are enabled for data factory to use.
- In the copy activity set the connection type to REST
- In the Relative URL build whatever string you need. Your example would be:
- /api/nameofapitouse
- Under advanced set the request method to GET
- Create 1 Additional headers
- Header Name = Authorization
- Value (use dynamic content) =
@concat(
variables('bearer_type')
, ' '
,variables('bearer_token')
)
- Now setup your sink
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unfortunately this does indeed fail at step 3. I did see an article posted here https://blog.fabric.microsoft.com/en-us/blog/data-pipelines-tutorial-ingest-files-into-a-lakehouse-f... that might show another way to do this - if so I'll update here.
Thanks!
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
p.s. and here's the section where you actually create the source connection. As you can see, until you pick a valid connection, the section where you can enter the additional header info doesn't even show.
Thx,
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This should work. Can you please troubleshoot if the issue is due to the specific URL you are providing, start with anonymous and any other public endpoint say https://wikipedia.org and see if that works. If you need better support, please file a support ticket for the connection creation issue, as this is a supported scenario.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@ajarora Yep I'll open ticket, no worries. You absolutely can't hit the URL without the header token, and I can't enter the header token until after I can successfully connect. Kinda stuck in a loop.
I'll update this post after working with an engineer and getting this figured out.
Thanks!
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
p.s. yes this does work with public APIs (I used the Star Wars api to test). In our case the URL is from a vendor and it is not accessible using anonymous, you have to pass the header token.
Thanks,
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok, then that's why the connection creation is failing. The UX will attempt to establish a connection and fail if it cant (due to header missing). So ideally you need ability to "skip test connection", or add headers to Rest connection, during connection creation.
May I ask, what token needs to be sent here in the header, is it an AAD token, or some other auth means ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yep I agree, and think the add headers to Rest connection during connection creation is the right way to go.
Re: the header itself, here's a snippet from PowerSHell that I use. The token is a specifically created large ugly string that has been created for our organization to hit the endpoint. Not Azure AD, but it is used by the api to authenticate that we're allowed to hit it.
$uri = 'https://someurl.com/api/nameofapitouse'
$headers = @{
'some_api_token' = 'HARD CODED token value given to our organization to use'
}
$DataFromAPI = Invoke-RestMethod -Uri $uri -Method Get -Headers $headers
Hope this helps!
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Who mints this token ? If its an AAD token, is that a user token belonging to you ? or a SPN token, belonging to an AAD enterprise App, (or MSI/UAMI flavor of identities) ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry you're asking questions above my knowledge level! All I can say is we reach out to this vendor and say "we need a token to hit your APIs", and then somehow we get this very long, very ugly string that when we stick in the header using the PowerShell code above it works.
The URL is hosted by the vendor, not in Azure or Google or anything as far as I know.
Hope this helps and sorry I don't know more!
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good enough, thanks. Unfortunately I dont see any workaround for now in Fabric.
Please submit an idea to support new auth type in Rest connection (via auth headers ?), if there isnt one already.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Will do - thank you!
Scott

Helpful resources
Join us at the Microsoft Fabric Community Conference
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
Fabric Monthly Update - February 2025
Check out the February 2025 Fabric update to learn about new features.

Subject | Author | Posted | |
---|---|---|---|
07-05-2023 06:38 AM | |||
10-25-2024 08:47 AM | |||
08-28-2024 03:58 PM | |||
05-02-2024 04:54 PM | |||
01-20-2025 01:27 AM |
User | Count |
---|---|
6 | |
4 | |
2 | |
1 | |
1 |
User | Count |
---|---|
13 | |
11 | |
5 | |
5 | |
4 |