Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now! Learn more

Reply
sebastianj
Frequent Visitor

ADMIN Rest API request using Service Principal

‎12-02-2022 06:42 AM

Hi all, 

 

I am trying to use ADMIN REST API for Power BI (e.g., GetGroupsAsAdmin) using a Service Principal (Read-Only). 

 

I have follow the MS documentation for this process: 

 

1. Create App in Azure (Without any PBI Admin-consent credential)

 

2. Add the App into a Secure Group in Azure

 

3. Enable the Service Principal in Power BI and add the Secure Group as an specific group

 

4. Add the App as a member of the workspaces in Power BI Service

 

Then I generate the access token in PowerShell and try to pull out data from REST API using Anonynous connection in Power BI Desktop.

 

Yet I was getting a forbidden access message...

 

sebastianj_0-1669991832892.png

sebastianj_1-1669991905097.png

Then we allow the Delegated Permission (Tenant.ReadAll) but message just changed to "Credential provided are not valid"

 

Does anyone know what could be happening?

 

Many thanks

 

Labels:
Message 1 of 3
1,782 Views
0
1 ACCEPTED SOLUTION
Daryl-Lynch-Bzy
Resident Rockstar
Resident Rockstar

‎12-02-2022 02:42 PM

Hi @sebastianj - you shouldn't need step 4.  The Service Principal app will be assigned premissions to read all workspaces when the Security Group it is a member of was added in step 3.  However, can I please check that you added it in the 2 places in the Power BI Tenant Settings:

 

  1. Allow service principals to use Power BI APIs
  2. Allow service principals to use read-only Power BI admin API

Embed Power BI content in an embedded analytics application with service principal and an applicatio...

Enable service principal authentication for read-only admin APIs - Power BI | Microsoft Learn


View solution in original post

Message 2 of 3
1,746 Views
0
2 REPLIES 2
Anonymous
Not applicable

‎12-06-2022 11:31 PM

Hi @sebastianj,

Did the above suggestions help with your scenario? if that is the case, you can consider Kudo or Accept the helpful suggestions to help others who faced similar requirements.

If these also don't help, please share more detailed information to help us clarify your scenario to test.

How to Get Your Question Answered Quickly 

Regards,

Xiaoxin Sheng

Message 3 of 3
1,693 Views
0
Daryl-Lynch-Bzy
Resident Rockstar
Resident Rockstar

‎12-02-2022 02:42 PM

Hi @sebastianj - you shouldn't need step 4.  The Service Principal app will be assigned premissions to read all workspaces when the Security Group it is a member of was added in step 3.  However, can I please check that you added it in the 2 places in the Power BI Tenant Settings:

 

  1. Allow service principals to use Power BI APIs
  2. Allow service principals to use read-only Power BI admin API

Embed Power BI content in an embedded analytics application with service principal and an applicatio...

Enable service principal authentication for read-only admin APIs - Power BI | Microsoft Learn


Message 2 of 3
1,747 Views
0

Helpful resources

Announcements
Power BI DataViz World Championships

Power BI Dataviz World Championships

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now!

December 2025 Power BI Update Carousel

Power BI Monthly Update - December 2025

Check out the December 2025 Power BI Holiday Recap!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All