Power BI Refresh Error:
DF-Blob-InvalidAuthConfiguration

What does this error mean?

The ADF Mapping Data Flow Azure Blob Storage linked service authentication is misconfigured. The authentication method or credentials provided do not allow the data flow to access the storage account.

Common causes

• 1The linked service uses account key authentication but the key has been rotated in the Azure portal and the linked service was not updated with the new key
• 2The linked service uses a service principal but the client secret has expired, or the service principal does not have the required RBAC role on the storage account
• 3The linked service uses managed identity (MSI) but the ADF managed identity has not been granted 'Storage Blob Data Reader' or 'Storage Blob Data Contributor' on the target storage account
• 4The authentication type selected in the linked service does not match what the storage account supports (e.g., SAS token selected but SAS is disabled on the account)

How to fix it

1. 1Open the Azure Blob Storage linked service in ADF Studio and click 'Test connection' — note the specific authentication error returned.
2. 2If using account key: go to the storage account in the Azure portal → Access keys, rotate or copy the current key, and update the linked service.
3. 3If using service principal: verify the client secret is not expired in Azure AD, and confirm the service principal has 'Storage Blob Data Reader' or 'Contributor' role on the storage account.
4. 4If using managed identity: in the Azure portal, go to the storage account → IAM → Role assignments, and confirm the ADF managed identity has the required role.
5. 5If using SAS: regenerate the SAS token from the Azure portal and confirm the token's allowed services, resource types, and expiry date are appropriate.

Frequently asked questions

Other data source errors