I have been trying to use the OneLake documentation for REST APIs to create a file without success.

Reference: https://learn.microsoft.com/en-us/fabric/onelake/onelake-access-api#onelake-and-adls-gen2-parity

See the detailed repro steps below,

-----

REPRO STEPS

1. Spin up a new CDX environment.
2. Create a new service principal to query the OneLake in Fabric
   • Go to Azure portal and then to App Registrations. Click on New to create.
   • Make a note of the Client ID, Tenant ID and create a new Client secret.
   • Make the following further configuration

     Path	Value/ action
     Name	bc2adls
     Authentication > Redirect URIs (Web)	https://onelake.dfs.fabric.microsoft.com/BusinessCentralData/SandboxEnvironment.Lakehouse/Files/
     Supported account types	Accounts in this organizational directory only (Contoso only - Single tenant)
     API Permissions > Configured permissions	Add the following permissions,   Grant admin content.
     Expose an API	Add a Scope OneLakeItem.Create with some text in the mandatory fields. Take a note of URL for this scope for use on the last step.

3. Create a new Azure security group called PowerBIAdmin and added owner as the Global administrator and a member with bc2adls service principal created above.
4. Now, setup Microsoft Fabric
   • Go to https://fabric.microsoft.com.
   • Click on the gear icon on the top ribbon and select Admin portal. Click on the menu for Tenant settings on the left.
   • Enable Fabric
     • Under Microsoft Fabric (Preview), uncheck “Accept Microsoft’s default selection”.
     • Click on Enabled and apply to The entire organization.
     • Click Apply.
   • Allow API access
     • Under Developer settings > Allow service principals to use Power BI APIs,
     • set Enabled = true
     • Apply to: The entire organization
     • Click Apply.
     • On the same page, under Admin API settings > Allow service principals to use read-only admin APIs,
     • Set Enabled = true
     • Apply to: Specific security groups, and add PowerBIAdmin security group
     • Click Apply.
   • Close the Admin portal.
5. [OPTIONAL- doing this does not change the outcome!] Under Azure Active Directory > Roles and Administrator, look for Power BI Administrator. Assign bc2adls service principal created above.
6. Setup the workspace in Fabric.
   • Create a workspace called BusinessCentralData.
   • Click on Manage access on the workspace and then click on Add people or groups. Add these roles for the users / service principals / security groups,
     
   • Create a new lakehouse in the workspace called SandboxEnvironment.
   • Verify that the URL for the Files folder in the lakehouse is https://onelake.dfs.fabric.microsoft.com/BusinessCentralData/SandboxEnvironment.Lakehouse/Files/
7. Make API calls to create files in the lakehouse, based on the OneLake documentation.
   • Open a tool like Postman.
   • Create a new request to create a file called abc.txt on the OneLake.
     • Http method: PUT
     • URL: https://onelake.dfs.fabric.microsoft.com/BusinessCentralData/SandboxEnvironment.Lakehouse/Files/abc....
     • Body: some text
     • Authorization: OAuth 2.0 with the tokens granted as per,
       
       The values are copied over from Step 2 above.
   • Click on Send to send the request out.

EXPECTED: A new file called abc.txt is created under the Files folder of our SandboxEnvironment lakehouse as per the official OneLake doc.

ACTUAL: 401 Unauthorized response: Authentication Failed with Audience validation failed for audience '00000002-0000-0000-c000-000000000000'