Re: Adding service principal directly to the works...

Anonymous · ‎03-25-2022

Hi!

I am trying to add Service Principal (app registration) to workspace users.

I am using AccessToken generated for PowerBI Service principals with granted permission:

Here is a PowerShell code which I use to add Service Princpal to worksapce users

$Uri = "https://api.powerbi.com/v1.0/myorg/groups/$WorkspaceId/users"

$Headers = @{Authorization = "Bearer $AccessToken"}

$Body = @{

identifier = $AdObjectIdentifier

groupUserAccessRight ="Admin"

principalType = "App"

}

Invoke-RestMethod -Uri $Uri -Headers $Headers -Method Post -ContentType "application/json" -Body (ConvertTo-Json $Body)

$AdObjectIdentifier is an Azure ObejctId for App Registarion that I want to add to the worksapce users

I am geting an error:

The remote server returned an error: (403) Forbidden.

{"error":{"code":"InvalidRequest","message":"Failed to get service principal details from AAD."}}

I can add AAD group to workspace (when $AdObjectIdentifier = AAD Obejct ID), but not Service principal, why?

Please, help me to understand this.

Thanks,

Urszula

shanj · ‎08-16-2024

Hello @lbendlin ,

Was this resolved? I am getting same error:

{"error": {
"code": "InvalidRequest",
"message": "Failed to get service principal details from AAD."
}}

when I try to use API:

POST https://api.powerbi.com/v1.0/myorg/admin/groups/{groupId}/users

I am authenticating using a service principal which is added to a security group and the group enabled in the PowerBI admin settings: Service Principals can use Fabric APIs.

lbendlin · ‎08-16-2024

Yours may be a different issue. If you have a Pro license you can open a Pro ticket at https://admin.powerplatform.microsoft.com/newsupportticket/powerbi
Otherwise you can raise an issue at https://community.fabric.microsoft.com/t5/Issues/idb-p/Issues .

Anonymous · ‎03-28-2022

Hi @Anonymous ,

Note:

Service principals have access to any tenant settings they're enabled for. Depending on your admin settings, this includes specific security groups or the entire organization.

Please check whether you have added your Security Group which has added the service principal as a member into the tenant setting.

You may check the steps in the offical blog to learn more details.

For referencce: Embed Power BI content with service principal and an application secret

Best Regards,
Rico Zhou

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Anonymous · ‎04-01-2022

@Anonymous I have checked, group (service princiapl which I wanted to add belongs to this group) are added below developers seetings. Sitll I am getting thsi error. Do you have any advise?

lbendlin · ‎03-26-2022

Your tenant admin may need to allow Service Principals to be used in the tenant.

Anonymous · ‎03-28-2022

@lbendlin Could you please explain me this a bit more?

lbendlin · ‎03-28-2022

talk to your tenant admin about the settings on your tenant.

Adding service principal directly to the workspace as an admin gives me an error

Helpful resources

Power BI Monthly Update - September 2025

Fabric Community Update - August 2025

FabCon is coming to Atlanta

Adding service principal directly to the workspace as an admin gives me an error

Helpful resources

Power BI Monthly Update - September 2025

Fabric Community Update - August 2025