Description
Describe the Bug
Issue:
Creating a service provider connection with the system-assigned managed identity fails in the Logic App Standard designer when adding the built-in Blob action, returning an Unauthorized error, even though the system-assigned managed identity holds the Storage Blob Data Contributor role on the resource type Microsoft.Storage/storageAccounts/blobServices/containers.
Error:
{
  "Code": "Unauthorized",
  "Message": "Encountered an error (Forbidden) from extensions API.",
  "Target": null,
  "Details": [
    {
      "Message": "Encountered an error (Forbidden) from extensions API."
    },
    {
      "Code": "Unauthorized"
    },
    {
      "ErrorEntity": {
        "Code": "Unauthorized",
        "Message": "Encountered an error (Forbidden) from extensions API."
      }
    }
  ],
  "Innererror": null
}
Workaround
Assigning the system-assigned managed identity the Storage Blob Data Contributor role on the whole storage account.
Ask
This workaround is not accepted by the customer as a permanent solution, because the customer does not want to grant access to the full storage account: the Logic App's system-assigned managed identity should be authorized to access only a specific container, through the built-in action that gets blobs from that container. The ask is that creating the service provider connection works with permissions granted on a specific container only.
Plan Type
Standard
Steps to Reproduce the Bug or Issue
1. Create testcontainer in a storage account.
2. Enable the system-assigned managed identity ("SAMI") in the Logic App Standard resource.
3. Assign the Storage Blob Data Contributor role to the SAMI on testcontainer.
4. Try to create a service provider connection with authentication type "managed identity".
5. You will get the error below in the Logic App designer.
Error:
{
  "Code": "Unauthorized",
  "Message": "Encountered an error (Forbidden) from extensions API.",
  "Target": null,
  "Details": [
    {
      "Message": "Encountered an error (Forbidden) from extensions API."
    },
    {
      "Code": "Unauthorized"
    },
    {
      "ErrorEntity": {
        "Code": "Unauthorized",
        "Message": "Encountered an error (Forbidden) from extensions API."
      }
    }
  ],
  "Innererror": null
}
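The difference between step 3 and the workaround is the scope of the role assignment. Azure RBAC inherits downward: a role granted on the storage account applies to every container in it, while a role granted on one container applies to that container only. The following script is an added example (not code from this issue or from the Logic Apps project) that models that inheritance so an operator can verify which containers a principal's Storage Blob Data Contributor grants actually reach and flag grants that are broader than the intended container. The subscription id, resource group, storage account name and principal id are constructed placeholders; scopes are compared segment by segment and case-insensitively, the way ARM resource IDs behave, so an account named stexample does not accidentally match stexample2.

```python
"""Azure RBAC scope check for the Storage Blob Data Contributor assignment
described in this issue (added example, not the project's own code)."""
from dataclasses import dataclass

# Constructed placeholders; real values come from the customer's tenant.
SUBSCRIPTION_ID = "00000000-0000-0000-0000-000000000000"
RESOURCE_GROUP = "rg-example"

# Built-in role named in the issue. Real assignments carry a roleDefinitionId
# GUID; this example matches on the display name for readability.
BLOB_DATA_CONTRIBUTOR = "Storage Blob Data Contributor"


def storage_account_scope(account: str) -> str:
    """ARM resource ID of a storage account (scope used by the workaround)."""
    return (f"/subscriptions/{SUBSCRIPTION_ID}/resourceGroups/{RESOURCE_GROUP}"
            f"/providers/Microsoft.Storage/storageAccounts/{account}")


def container_scope(account: str, container: str) -> str:
    """ARM resource ID of one blob container (scope used in step 3).

    Resource type from the issue: Microsoft.Storage/storageAccounts/blobServices/containers;
    the blob service segment is always 'default'."""
    return f"{storage_account_scope(account)}/blobServices/default/containers/{container}"


def _segments(scope: str) -> list[str]:
    # ARM IDs are case-insensitive; split into segments so that a string
    # prefix match cannot confuse 'stexample' with 'stexample2'.
    return [s.lower() for s in scope.strip("/").split("/") if s]


def scope_covers(assignment_scope: str, target_scope: str) -> bool:
    """True if a role assigned at assignment_scope is inherited at target_scope."""
    a, t = _segments(assignment_scope), _segments(target_scope)
    return len(a) <= len(t) and t[:len(a)] == a


@dataclass(frozen=True)
class RoleAssignment:
    principal_id: str  # object id of the managed identity
    role_name: str
    scope: str


def effective_assignments(assignments, principal_id, role_name, target_scope):
    """Assignments of role_name to principal_id that apply at target_scope."""
    return [a for a in assignments
            if a.principal_id == principal_id
            and a.role_name == role_name
            and scope_covers(a.scope, target_scope)]


def broader_than(assignment: RoleAssignment, intended_scope: str) -> bool:
    """True if the grant sits above the intended scope (e.g. on the whole account)."""
    return (scope_covers(assignment.scope, intended_scope)
            and _segments(assignment.scope) != _segments(intended_scope))


def review(assignments, principal_id, account, container):
    """Summarise what the principal's grants mean for one container.

    Returns {"covered": bool, "over_scoped": [scopes broader than the container]}."""
    target = container_scope(account, container)
    effective = effective_assignments(assignments, principal_id, BLOB_DATA_CONTRIBUTOR, target)
    return {
        "covered": bool(effective),
        "over_scoped": [a.scope for a in effective if broader_than(a, target)],
    }


if __name__ == "__main__":
    sami = "22222222-2222-2222-2222-222222222222"  # constructed SAMI object id
    # Step 3 of the repro: role granted on testcontainer only.
    least_privilege = [RoleAssignment(sami, BLOB_DATA_CONTRIBUTOR,
                                      container_scope("stexample", "testcontainer"))]
    # The workaround: role granted on the whole storage account.
    workaround = [RoleAssignment(sami, BLOB_DATA_CONTRIBUTOR,
                                 storage_account_scope("stexample"))]
    for label, grants in (("container-scoped", least_privilege), ("account-scoped", workaround)):
        for name in ("testcontainer", "othercontainer"):
            print(label, name, review(grants, sami, "stexample", name))
```

Running the script shows the container-scoped grant covering testcontainer and nothing else, and the account-scoped workaround covering both containers while being reported as over-scoped. The check confirms that the step 3 assignment is correct under RBAC inheritance; it does not explain why the extensions API still returns Forbidden, which is the behaviour this issue asks to have fixed.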
Workflow JSON
{
  "definition": {
    "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
    "contentVersion": "1.0.0.0",
    "actions": {
      "List_all_the_blobs_using_path": {
        "type": "ServiceProvider",
        "inputs": {
          "parameters": {
            "containerName": "testcontainer"
          },
          "serviceProviderConfiguration": {
            "connectionName": "AzureBlob-2",
            "operationId": "listBlobs",
            "serviceProviderId": "/serviceProviders/AzureBlob"
          }
        },
        "runAfter": {}
      }
    },
    "outputs": {},
    "triggers": {
      "Recurrence": {
        "type": "Recurrence",
        "recurrence": {
          "interval": 1,
          "frequency": "Month"
        }
      }
    }
  },
  "kind": "Stateful"
}
Screenshots or Videos
No response
Additional context
No response