Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Level up your Power BI skills this month - build one visual each week and tell better stories with data! Get started

Reply
Anonymous
Not applicable

ADMIN Rest API request using Service Principal

‎12-02-2022 06:42 AM

Hi all, 

 

I am trying to use ADMIN REST API for Power BI (e.g., GetGroupsAsAdmin) using a Service Principal (Read-Only). 

 

I have follow the MS documentation for this process: 

 

1. Create App in Azure (Without any PBI Admin-consent credential)

 

2. Add the App into a Secure Group in Azure

 

3. Enable the Service Principal in Power BI and add the Secure Group as an specific group

 

4. Add the App as a member of the workspaces in Power BI Service

 

Then I generate the access token in PowerShell and try to pull out data from REST API using Anonynous connection in Power BI Desktop.

 

Yet I was getting a forbidden access message...

 

sebastianj_0-1669991832892.png

sebastianj_1-1669991905097.png

Then we allow the Delegated Permission (Tenant.ReadAll) but message just changed to "Credential provided are not valid"

 

Does anyone know what could be happening?

 

Many thanks

 

Labels:
Message 1 of 3
2,306 Views
0
1 ACCEPTED SOLUTION
Daryl-Lynch-Bzy
Community Champion
Community Champion

‎12-02-2022 02:42 PM

Hi @Anonymous - you shouldn't need step 4.  The Service Principal app will be assigned premissions to read all workspaces when the Security Group it is a member of was added in step 3.  However, can I please check that you added it in the 2 places in the Power BI Tenant Settings:

 

  1. Allow service principals to use Power BI APIs
  2. Allow service principals to use read-only Power BI admin API

Embed Power BI content in an embedded analytics application with service principal and an application secret - Power BI | Microsoft Learn

Enable service principal authentication for read-only admin APIs - Power BI | Microsoft Learn


View solution in original post

Message 2 of 3
2,270 Views
0
2 REPLIES 2
Anonymous
Not applicable

‎12-06-2022 11:31 PM

Hi @Anonymous,

Did the above suggestions help with your scenario? if that is the case, you can consider Kudo or Accept the helpful suggestions to help others who faced similar requirements.

If these also don't help, please share more detailed information to help us clarify your scenario to test.

How to Get Your Question Answered Quickly 

Regards,

Xiaoxin Sheng

Message 3 of 3
2,217 Views
0
Daryl-Lynch-Bzy
Community Champion
Community Champion

‎12-02-2022 02:42 PM

Hi @Anonymous - you shouldn't need step 4.  The Service Principal app will be assigned premissions to read all workspaces when the Security Group it is a member of was added in step 3.  However, can I please check that you added it in the 2 places in the Power BI Tenant Settings:

 

  1. Allow service principals to use Power BI APIs
  2. Allow service principals to use read-only Power BI admin API

Embed Power BI content in an embedded analytics application with service principal and an application secret - Power BI | Microsoft Learn

Enable service principal authentication for read-only admin APIs - Power BI | Microsoft Learn


Message 2 of 3
2,271 Views
0

Helpful resources

Announcements
April Power BI Update Carousel

Power BI Monthly Update - April 2026

Check out the April 2026 Power BI update to learn about new features.

Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All