We’re using a script to apply data access roles via the Fabric REST API (PUT /dataAccessRoles). The API returns HTTP 200, and the roles plus members show up correctly via the List API, so the roles are applied on the lakehouse.
But the SQL analytics endpoint is not picking up these changes.
The ols_ roles do get created in the SQL endpoint, but the members are not synced. As a result, sys.database_role_members stays empty.
The sync only seems to trigger when changes are made through the OneLake Security UI in the Fabric portal.
- Our script ran successfully, HTTP 200, all roles with members confirmed via List API
- SQL endpoint shows ols_ roles created, but zero members in sys.database_role_members
- After manually removing and re-adding a member via the UI for a role, all members appeared immediately
- New users or groups added via deploy do not get SQL endpoint access until a manual sync is triggered via the UI
Per role in the OneLake Security UI: remove a member, save, add it back, save. This triggers the sync.
Can this be investigated and resolved?
Hi @sglen ,
Could you please confirm if you’ve already raised the support ticket? If not, please go ahead and create one.
Also, once you get any update from the support team, kindly share it here; it will be helpful for others facing the same issue.
Thank you.
Hi @sglen ,
Based on your findings, this behavior appears to indicate a synchronization gap between OneLake security Data Access Roles applied via API and the SQL Analytics endpoint.
While the PUT /dataAccessRoles API successfully updates the OneLake security metadata as confirmed via the List API, the corresponding role membership is not being propagated to the SQL Analytics endpoint. This is evident from the absence of entries in sys.database_role_members, despite the roles themselves being created.
In contrast, making any modification through the OneLake Security UI triggers an internal process that correctly synchronizes role memberships to the SQL endpoint. This suggests that the UI invokes an additional backend sync mechanism that is currently not triggered by API operations.
Additionally, there is currently no documented API or supported method to explicitly trigger the OneLake > SQL endpoint security sync.
We recommend raising a Microsoft Fabric support ticket with the relevant details (workspace, lakehouse, timestamps, and reproduction steps) so this can be investigated further by the product team and addressed appropriately.
Please refer to the link below on how to contact support or raise a support ticket.
How to create a Fabric and Power BI Support ticket - Power BI | Microsoft Learn
Regards,
Community Support Team.
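
A post-deploy check for the symptom described in this thread, as an added example that is not from the posts above or from Microsoft: it compares the members returned by the List API with the member counts of the `ols_` roles on the SQL analytics endpoint and reports roles that have not synced. The function and constant names are hypothetical, and two things are assumptions: the response shape (`value[].members.microsoftEntraMembers`) and the rule that the SQL role is named `ols_` plus the OneLake role name. The sample data is constructed.

```python
import json

# Query to run on the SQL analytics endpoint (standard catalog views): one row
# per ols_ role with its member count, including roles that have no members.
ROLE_MEMBER_COUNT_SQL = """
SELECT r.name AS role_name, COUNT(drm.member_principal_id) AS member_count
FROM sys.database_principals AS r
LEFT JOIN sys.database_role_members AS drm
       ON drm.role_principal_id = r.principal_id
WHERE r.type = 'R' AND r.name LIKE 'ols[_]%'
GROUP BY r.name;
"""

def find_unsynced_roles(list_api_body, sql_rows, prefix="ols_"):
    """Return (role, problem, expected_members, sql_members) for every role
    whose members exist in OneLake security but not on the SQL endpoint.

    list_api_body: parsed JSON body of the List data access roles call.
    sql_rows: iterable of (role_name, member_count) from ROLE_MEMBER_COUNT_SQL.
    """
    sql_counts = {name.lower(): count for name, count in sql_rows}
    findings = []
    for role in list_api_body.get("value", []):
        # Assumed shape: members.microsoftEntraMembers is a list of principals.
        members = role.get("members", {}).get("microsoftEntraMembers", [])
        expected = len(members)
        sql_name = (prefix + role["name"]).lower()  # assumed naming rule
        if sql_name not in sql_counts:
            findings.append((role["name"], "role missing on SQL endpoint", expected, None))
        elif sql_counts[sql_name] < expected:
            findings.append((role["name"], "members not synced", expected, sql_counts[sql_name]))
    return findings

# Constructed sample data (not real output): two roles deployed through the
# API, of which only FinanceReaders was re-saved in the UI and has synced.
SAMPLE_API = json.loads("""{"value": [
  {"name": "SalesReaders", "members": {"microsoftEntraMembers": [
      {"tenantId": "t", "objectId": "a"}, {"tenantId": "t", "objectId": "b"}]}},
  {"name": "FinanceReaders", "members": {"microsoftEntraMembers": [
      {"tenantId": "t", "objectId": "c"}]}}
]}""")
SAMPLE_SQL_ROWS = [("ols_SalesReaders", 0), ("ols_FinanceReaders", 1)]

if __name__ == "__main__":
    for finding in find_unsynced_roles(SAMPLE_API, SAMPLE_SQL_ROWS):
        print(finding)
```

Run as a deployment gate, a non-empty result means principals granted through the API do not yet have the SQL endpoint access the deployment intended.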