Getting 401 when invoking POST /openai/deployments/... API

Question

Getting 401 when invoking POST /openai/deployments/... API

Syed Razvi 0

I am working on a POC for a chatbot using the instructions provided here. I am trying to execute SQL Script # 4 here and getting the following error:

{"response":{"status":{"http":{"code":401,"description":""}},"headers":{"Date":"Sun, 10 Aug 2025 12:23:47 GMT","Content-Length":"285","Content-Type":"application/json","x-ms-client-request-id":"Not-Set","apim-request-id":"851452ef-b98e-4861-8ecd-fca65bd162a0","strict-transport-security":"max-age=31536000; includeSubDomains; preload","x-content-type-options":"nosniff"}},"result":{"error":{"code":"PermissionDenied","message":"The principal 1d701f4d-ec50-****-95ee-5cb8698533a1 lacks the required data action Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action to perform POST /openai/deployments/{deployment-id}/embeddings operation."}}}.

I have enabled all possible permissions but have no idea why it's still occurring.

Thanks for any assistance.

1 answer

Your answer

Answer 1

Hello Syed !

Thank you for posting on Microsoft Learn.

Have you verified if the principal has the necessary permissions assigned ?

From the error message, the permission required is Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action which should be granted either through a role assigned to the service principal or through custom RBAC.

The principal must have the appropriate Azure role for accessing OpenAI resources :

Cognitive Services OpenAI User
Cognitive Services Contributor
Or a custom role that grants permission for OpenAI-related actions

Also, the service principal has access to the specific OpenAI deployment. If the principal does not have access to the deployment, the action will be blocked.

Share via

Getting 401 when invoking POST /openai/deployments/... API

1 answer

Your answer