Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends September 15. Request your voucher.

Reply
NewUser2025
New Member

How to connect Multi Tenant connection in different domain fabric to synapse data pull

Tuesday

I need to connect fabric data warehouse from one domain to different domain with service principle using Azure synapse, I need to copy data from fabric data warehouse to sql database, I need proper steps to give what are the required permissions for service principle and I need required permissions in fabric workspace.
We already created one service principle in Domain-1 Azure (XYZ.123@xyz.com) and we are trying to connect in fabric workspace  with Domain-2 Fabric (abc.123@abc.com) using service principle, we are trying to give fabric workspace access to azure service principle (Domain1) but We are unable to see or connect azure service principle

Message 1 of 4
378 Views
0
3 REPLIES 3
NewUser2025
New Member

Thursday

We have created the Enterprise Application in Domain-2(Fabric) we followed below steps 
Step -1: 

NewUser2025_1-1757575854369.png


Step-2:

NewUser2025_2-1757575989441.png


Step-3:

NewUser2025_3-1757576145128.png


Step-4:

NewUser2025_4-1757576452653.png


step-5:

NewUser2025_5-1757576927213.png


Step-6:

NewUser2025_6-1757577132119.png


Step-7: (We are struck in step7,Tell me the following steps)
How to assign Domain -1(Azure) client id to the Enterprise Application in Domain-2(Fabric) which is created above,Tell me the steps to assign client id

Message 4 of 4
173 Views
0
NewUser2025
New Member

Wednesday

We have created Enterprise Application in Domain-2(Fabric) and where we need to assign Domain -1(Azure) client id to the Enterprise Application in Domain-2(Fabric), can you give me the step by step process

NewUser2025_1-1757513717846.png

 

 

Message 3 of 4
252 Views
0
Vinodh247
Responsive Resident
Responsive Resident

Tuesday

In your case the problem is that the service principal was created in Domain-1 AAD, while the Microsoft Fabric environment belongs to Domain-2 AAD. Fabric can only see service principals that exist in its own tenant, so the Domain-1 service principal must first be registered as an Enterprise Application in Domain-2. Once you do that, Fabric in Domain-2 will be able to recognise and grant permissions to it.

 

The sequence is as follows:

in Domain-2 AAD, create an Enterprise Application using the client ID of the Domain-1 service principal, then in the Fabric Admin portal make sure that service principal access is enabled, and finally add the service principal as a member of the Fabric workspace with an appropriate role such as Contributor or Viewer. Inside the Fabric data warehouse, create a SQL user for the service principal from external provider and assign it to db\datareader or db\_datawriter roles depending on whether you need read or write.

 

After these steps, in Synapse you can configure a linked service to the Fabric SQL endpoint using the same service principal credentials and copy data into SQL Database. The key missing piece in your setup is that the Domain-1 service principal must be explicitly brought into Domain-2 as an Enterprise Application before it can be assigned permissions in Fabric.

Please 'Kudos' and 'Accept as Solution' if this answered your query.

Regards,
Vinodh
Microsoft MVP [Fabric]
Message 2 of 4
354 Views
0

Helpful resources

Announcements
August Fabric Update Carousel

Fabric Monthly Update - August 2025

Check out the August 2025 Fabric update to learn about new features.

August 2025 community update carousel

Fabric Community Update - August 2025

Find out what's new and trending in the Fabric community.

View All