![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 62%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
732 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 61%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Hi Kallu, Srinath,
Thanks for reaching out to Microsoft Q&A.
The error message indicates that your Databricks notebook is unable to auth with the Azure Event Hub using the Managed Identity.
Here are the potential reasons and troubleshooting steps to resolve this issue:
Verify Managed Identity Setup
- Ensure that a MI (System-Assigned/User-Assigned) is enabled for your Azure Databricks cluster or workspace.
- Confirm that this MI has the required permissions on the Event Hub (ex:
Azure Event Hubs Data Receiver).
Assign Necessary Role to Managed Identity
- In the Azure Portal:
- Navigate to the Event Hub namespace or specific Event Hub instance.
- Go to Access Control (IAM) and add the
Azure Event Hubs Data Receiverrole to the Managed Identity of the Databricks workspace.
Use the Correct Azure Library in Databricks
- Make sure you are using the
azure-eventhubandazure-identitylibraries in Databricks for Managed Identity authentication. Example installation command: %pip install azure-eventhub azure-identity
Update the Event Hub Consumer Code
- Your Python code should use
DefaultAzureCredentialto authenticate with the Event Hub using the Managed Identity. Here's an example:from azure.identity import DefaultAzureCredential from azure.eventhub import EventHubConsumerClient # Replace with your Event Hub details event_hub_namespace = "Your-EventHub-Namespace.servicebus.windows.net" event_hub_name = "Your-EventHub-Name" consumer_group = "$Default" # Use Managed Identity for authentication credential = DefaultAzureCredential() client = EventHubConsumerClient( fully_qualified_namespace=event_hub_namespace, eventhub_name=event_hub_name, consumer_group=consumer_group, credential=credential ) def on_event(partition_context, event): print("Received event: {}".format(event.body_as_str())) partition_context.update_checkpoint(event) with client: client.receive(on_event=on_event)
Verify Networking Setup
- If your Event Hub namespace uses Private Link or is behind a virtual network, ensure the Databricks cluster has access to it.
- You may need to configure VNet peering or allow the Managed Identity traffic.
Check Diagnostic Logs
- Enable diagnostic logs for your Event Hub to get more details about failed authentication attempts. Navigate to Monitoring > Diagnostics settings in the Event Hub and configure logging to a Log Analytics workspace or Storage account.
Debugging Steps
- Test Managed Identity access separately using a simple Python script outside of Databricks.
- Check if there are any network restrictions or IP firewalls blocking access.
Additional Considerations:
If you continue to face the issue, verify that:
- The Azure SDK versions are up to date.
- The Event Hub namespace and resource name match exactly in the code.
- No other conflicting roles or policies are impacting the MI.
Please feel free to click the 'Upvote' (Thumbs-up) button and 'Accept as Answer'. This helps the community by allowing others with similar queries to easily find the solution.