I have setup AppOwnsData embedding with service principal profiles and everything is working as expected when you create a workspace as a profile using the powerbi .net sdk. When creating the workspace using the profile id header, it correctly creates the workspace and automatically assigns the profile id that was in the header, as the admin of the workspace.
Now I need to have other service principal profiles added to the same workspace, but I don't want them to be the admin of the workspace, but viewers or contributors since I will be applying RLS to further filter the data through DAX in a Parent Client/Child Client scenario.
My question is why can't I add a service principal profile as anything else than "Admin"?
I get a 400 bad request each time I try to add them as something other than admin. If I set the GroupUserAccessRight to "Admin", it works as expected and I can give access to multiple service principal profiles to the same workspace. The same issue is shown if I go into the workspace in app.powerbi.com and try to change the service principal profile to Viewer/Member/Contributor. I get an error in the UI shown below.
Is this just a limitation that I am not aware of or couldn't find documentation on? What would be the reasoning of only allowing adding sp profiles as admins?
It's a simple operation, but this is how I am calling the addGroupUser endpoint through the .net sdk.
var childGroupUser = new GroupUser
{
Identifier = "[ServicePrincipalObjectId]",//not the client id. Would be nice if that was clear in the docs on what identifier is needed...
GroupUserAccessRight = GroupUserAccessRight.Contributor,//or Viewer or Member gives 400 bad request
PrincipalType = PrincipalType.App,
Profile = new ServicePrincipalProfile{
Id=[ServicePrincipalProfileObjectId]
}
};
Guid groupId = Guid.Parse("[workspaceGuid]");
await _powerBiClient.Groups.AddGroupUserAsync(groupId, childGroupUser);
Helpful resources
Join us at the Microsoft Fabric Community Conference
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
We want your feedback!
Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.
Microsoft Fabric Community Conference 2025
Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.
A Year in Review - December 2024
Find out what content was popular in the Fabric community during 2024.
