Power BI is turning 10! Tune in for a special live episode on July 24 with behind-the-scenes stories, product evolution highlights, and a sneak peek at what’s in store for the future.
Save the dateEnhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.
Hi,
I have a dataflow gen2 working which uses Warehouse connection (with OAUth2.0 authentication).
I've seen that it's possible to authenticate with Service Principal, so I'm trying to change it to sp. This is dataflow query using Warehouse connection:
Where first step Source is:
And second Navigation 1:
The sp I've configured is in a security group which has Contributor role in that workspace starting with 0b...
However, when I change de connection to Service Principal, the dataflow fails..
Where does de sp need no have acces to so the authentication can success??
Hi @amaaiia,
Thank you for reaching out to Microsoft Fabric Community.
The Service Principal or the security group it belongs to must be explicitly granted access to the Warehouse in Microsoft Fabric. The Contributor role on the workspace does not automatically grant SP access to the underlying Warehouse object for query execution.
Go to the Warehouse settings in Microsoft Fabric, click Manage Access and assign the SP group the Member or Admin role directly on the Warehouse.
Once done re test the connection in Dataflow Gen2 and it should work successfully with the Service Principal authentication.
If this post helps, then please consider Accepting as solution to help the other members find it more quickly, don't forget to give a "Kudos" – I’d truly appreciate it!
Thanks and regards,
Anjan Kumar Chippa
Where is that in the documentation?
Workspace roles affects to items in the workspace. And why member? Member is the same as Contributor but with the possibility of resharing... It doesn't make sense. According to official documentation, workspace role is enough (Service Principals in Fabric Data Warehouse - Microsoft Fabric | Microsoft Learn)
Anyway, as expected, it's not working.
Hi @amaaiia,
Yes, the documentation mentions that assigning the Service Principal a Contributor role at the workspace level should be sufficient.
But in practice we have observed that even with proper workspace level Contributor roles, Dataflows Gen2 using the Fabric.Warehouse() connector still fail with SP authentication, unless the SP (or its security group) is also explicitly granted access at the Warehouse level as well.
This behaviour is not clearly documented yet, but it aligns with internal testing and multiple cases seen in the community and support channels. It is likely related to how Dataflow Gen2 executes queries through the warehouse connector, which still checks Warehouse level permissions even when workspace level permissions exist.
If this post helps, then please consider Accepting as solution to help the other members find it more quickly, don't forget to give a "Kudos" – I’d truly appreciate it!
Thanks and regards,
Anjan Kumar Chippa
Hi @amaaiia,
As we haven’t heard back from you, we wanted to kindly follow up to check if the solution I have provided for the issue worked? or let us know if you need any further assistance.
If my response resolved your issue, please mark it as "Accept as solution" and give kudos if you found it helpful.
Thanks and regards,
Anjan Kumar Chippa
Hi @amaaiia,
We wanted to kindly follow up to check if the solution I have provided for the issue worked?
If my response resolved your issue, please mark it as "Accept as solution" and give kudos if you found it helpful.
Thanks and regards,
Anjan Kumar Chippa
Hi @amaaiia,
As we haven’t heard back from you, we wanted to kindly follow up to check if the solution I have provided for the issue worked?
If my response resolved your issue, please mark it as "Accept as solution" and give kudos if you found it helpful.
Thanks and regards,
Anjan Kumar Chippa
This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |