Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

To celebrate FabCon Vienna, we are offering 50% off select exams. Ends October 3rd. Request your discount now.

Reply
NewUser2025
New Member

How to connect Multi Tenant connection in different domain fabric to synapse data pull

‎09-09-2025 08:46 AM

I need to connect fabric data warehouse from one domain to different domain with service principle using Azure synapse, I need to copy data from fabric data warehouse to sql database, I need proper steps to give what are the required permissions for service principle and I need required permissions in fabric workspace.
We already created one service principle in Domain-1 Azure (XYZ.123@xyz.com) and we are trying to connect in fabric workspace  with Domain-2 Fabric (abc.123@abc.com) using service principle, we are trying to give fabric workspace access to azure service principle (Domain1) but We are unable to see or connect azure service principle

Message 1 of 4
684 Views
0
3 REPLIES 3
NewUser2025
New Member

Thursday

We have created the Enterprise Application in Domain-2(Fabric) we followed below steps 
Step -1: 

NewUser2025_1-1757575854369.png


Step-2:

NewUser2025_2-1757575989441.png


Step-3:

NewUser2025_3-1757576145128.png


Step-4:

NewUser2025_4-1757576452653.png


step-5:

NewUser2025_5-1757576927213.png


Step-6:

NewUser2025_6-1757577132119.png


Step-7: (We are struck in step7,Tell me the following steps)
How to assign Domain -1(Azure) client id to the Enterprise Application in Domain-2(Fabric) which is created above,Tell me the steps to assign client id

Message 4 of 4
479 Views
0
NewUser2025
New Member

‎09-10-2025 07:17 AM

We have created Enterprise Application in Domain-2(Fabric) and where we need to assign Domain -1(Azure) client id to the Enterprise Application in Domain-2(Fabric), can you give me the step by step process

NewUser2025_1-1757513717846.png

 

 

Message 3 of 4
558 Views
0
Vinodh247
Responsive Resident
Responsive Resident

‎09-09-2025 09:18 AM

In your case the problem is that the service principal was created in Domain-1 AAD, while the Microsoft Fabric environment belongs to Domain-2 AAD. Fabric can only see service principals that exist in its own tenant, so the Domain-1 service principal must first be registered as an Enterprise Application in Domain-2. Once you do that, Fabric in Domain-2 will be able to recognise and grant permissions to it.

 

The sequence is as follows:

in Domain-2 AAD, create an Enterprise Application using the client ID of the Domain-1 service principal, then in the Fabric Admin portal make sure that service principal access is enabled, and finally add the service principal as a member of the Fabric workspace with an appropriate role such as Contributor or Viewer. Inside the Fabric data warehouse, create a SQL user for the service principal from external provider and assign it to db\datareader or db\_datawriter roles depending on whether you need read or write.

 

After these steps, in Synapse you can configure a linked service to the Fabric SQL endpoint using the same service principal credentials and copy data into SQL Database. The key missing piece in your setup is that the Domain-1 service principal must be explicitly brought into Domain-2 as an Enterprise Application before it can be assigned permissions in Fabric.

Please 'Kudos' and 'Accept as Solution' if this answered your query.

Regards,
Vinodh
Microsoft MVP [Fabric]
Message 2 of 4
660 Views
0

Helpful resources

Announcements
September Fabric Update Carousel

Fabric Monthly Update - September 2025

Check out the September 2025 Fabric update to learn about new features.

August 2025 community update carousel

Fabric Community Update - August 2025

Find out what's new and trending in the Fabric community.

View All