Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

We've captured the moments from FabCon & SQLCon that everyone is talking about, and we are bringing them to the community, live and on-demand. Starts on April 14th. Register now

Reply
urraghu
Frequent Visitor

APP registration - API permissions

‎08-31-2020 11:36 PM

Hi,

 

Regarding registration of an App in Azure AD through below power-bi App registration tool.

https://docs.microsoft.com/en-us/power-bi/developer/embedded/register-app

https://dev.powerbi.com/apps

 

From governance and security perspective, want to know what each of API permissions are for. any documentation/pointers explaining each API access/permission scope would be helpful.

 

I believe APP that should be registered is the  workspace which becomes APP once published..

By granting " Read and Write All data sets" .. would this application and developer signed in get read/write access to all data sets of all work spaces in the tenant or only the data sets of the App/workspace being registered?

Similarly, other permissions like "Read and Write all workspaces/dashboards" ?? 

 

By name it sounds like developer registering the app would get access through API to all data sets/reports/dashboards when those respective permissions are given. But wondering why one should have access to other workspaces/datasets outside his App/workspace which is being registered?

 

 

 

 

Labels:
Message 1 of 2
3,416 Views
0
1 ACCEPTED SOLUTION
Anonymous
Not applicable

‎09-03-2020 02:35 AM

Hi @urraghu,

#1, Nope, I don't think these users can view all contents. If they not have admin permission, they can only view the public and the contents they get permission to access. (for personal workspace contents, admin also not has permission to view)

Power BI REST APIs 

#2, AFAIK, these operations are work on the azure side and mapping with user credentials. If users want to operate on power bi content, they will also verify the AAD credentials and power bi permissions.

Get an authentication access token 
In addition, you can also check the audit log function which will log the activity of different users. (these operations are based on his credentials, so they will also record into audit logs)

Track user activities in Power BI 

Regards,

Xiaoxin Sheng

View solution in original post

Message 2 of 2
3,361 Views
0
1 REPLY 1
Anonymous
Not applicable

‎09-03-2020 02:35 AM

Hi @urraghu,

#1, Nope, I don't think these users can view all contents. If they not have admin permission, they can only view the public and the contents they get permission to access. (for personal workspace contents, admin also not has permission to view)

Power BI REST APIs 

#2, AFAIK, these operations are work on the azure side and mapping with user credentials. If users want to operate on power bi content, they will also verify the AAD credentials and power bi permissions.

Get an authentication access token 
In addition, you can also check the audit log function which will log the activity of different users. (these operations are based on his credentials, so they will also record into audit logs)

Track user activities in Power BI 

Regards,

Xiaoxin Sheng

Message 2 of 2
3,362 Views
0

Helpful resources

Announcements
New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

Join our Fabric User Panel

Join our Fabric User Panel

Share feedback directly with Fabric product managers, participate in targeted research studies and influence the Fabric roadmap.

March Power BI Update Carousel

Power BI Community Update - March 2026

Check out the March 2026 Power BI update to learn about new features.

View All