Hi, in the end we found the issue: we use the Azure Key Vault to provide the credentials towards the Synapse workspace. With this you cannot select "Managed Identity" as an authentication method. Which is needed because we provided the ADF with enough rights on the synapse and underlying storage account.
When you use the "SQL Authentication", that user is used (in our case the admin), that has not enough rights on the storage account.
I hope this also enables others to secure their data lake.