Forum Discussion

JBNFM's avatar
JBNFM
Copper Contributor
Apr 21, 2026

Unified Catalog Self-serve analytics integration

I'm hoping someone has gone through the process of setting up the Self-serve analytics in the Unified Catalog settings to push the Unified Catalog information down to a Fabric Lakehouse.   I create...
Pbv85's avatar
Pbv85
MCT
Apr 21, 2026

Hi JBNFM​,

The 403 (AccessDenied) during the scheduled run could mean write/scan permissions are missing at the item (Lakehouse) level, not just to the workspace.

I believe granting Contributor on the Workspace to the Fabric MSI is not sufficient for Unified Catalog scans.

This could be the issue as the Fabric Workspace Managed Identity (MSI) must have explicit access to the Lakehouse item.  This could mean Lakehouse item should have explicit permissions Read + Write + Execute permissions so Purview can persist scan state/results.

Try the following

  1. Go to Fabric Workspace → open the Lakehouse.
  2. Click Manage access then  item-level permissions.
  3. Add the same MSI shown in Purview.
  4. Grant Read, Build, and Write (or equivalent Lakehouse contributor rights) 
  5. Re‑run the scheduler.

Thos may work, as without Lakehouse-level permissions, Fabric returns 403 Forbidden even though workspace access exists.

 

If you find the answer useful and you appreciate my time, please do not forget to like and mark it as a solution 🙂

JBNFM's avatar
JBNFM
Copper Contributor
Apr 22, 2026

Pbv85​ , thanks for your response.  When I go into the Lakehouse, I don't see the "Manage Access", the only thing I see is "Managed OneLake security".  If there's another place, let me know as I'm not seeing it.

 

In the OneLake security, there was only a Reader role with the MSI in it.  I created another Contributor Role and set it to "Read,ReadWrite" as those were the only 2 options.  and then added the Purview MSI to that role.  Still getting the same error.