![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 52%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,597 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Hello Gopisetty, Srikanth (External),
Welcome to the Microsoft Q&A and thank you for posting your questions here.
Problem
I understand that you are having 403 forbidden error while opening synapse web UI. After you have created azure synapse studio with public access disabled and we have created private end points for synapse workspace with private link hub to access web synapse.
Solution
When encountering a 403 Forbidden error while trying to access the Synapse web UI, it typically indicates an issue with permissions or network configurations. To some extent it might have many reasons beyond normal.
To get the root of the incident, check the diagnostic logs in Azure Synapse and any related logs in your Azure environment for more detailed error messages and use Azure Monitor to gather more insights about the connection attempts and potential issues for specific solution.
However, I will provide you with possibility diagnosis that can solve the issue in a normal scenario:
- Ensure that the private endpoints for your Synapse workspace are correctly set up.
- Check that the DNS configuration is correctly resolving the private endpoint.
- Verify that the Network Security Groups (NSGs) associated with your private endpoints allow inbound traffic from your IP address or subnet.
- Ensure that the firewall settings on your Synapse workspace are correctly configured to allow access from your private endpoints.
- Ensure that the user account you are using has the necessary permissions to access the Synapse workspace.
- Check role assignments in Azure Synapse and ensure the user has at least the
Synapse AdministratororSynapse Contributorrole. - Ensure that your DNS is correctly configured to resolve the private link FQDN to the private IP address of the private endpoint.
- If you are accessing the Synapse workspace from a VNet, ensure that the VNet integration is correctly configured.
- Check the VNet peering settings if your Synapse workspace and the accessing resources are in different VNets.
- Verify that the private link service has been approved and is in a
Connectedstate.
If you could check through these lists, the problem should be solved and if not get back with more log report for best solution.
Accept Answer
I hope this is helpful! Do not hesitate to let me know if you have any other questions.
** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful ** so that others in the community facing similar issues can easily find the solution.
Best Regards,
Sina Salam