- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fabric REST API connection - GIT
Hi!
I have created Entra ID app and assigned delegated permissions: Tenant.ReadAll, Workspace.GitUpdate.All, Workspace.ReadWrite.All.
I would like to use Git API functionality, but during establishing of connection I am receiving an error:
{
"requestId": "xxxxxx",
"errorCode": "PrincipalTypeNotSupported",
"message": "The operation is not supported for the principal type"
}
App has assigned Admin priviledges to that particular workspace that I am trying to get GIT status.
Worth to add that I am able to use other functionalities like: Get Domain, List Workspaces etc. In the documentation it is mentioned that 'Service principals are not supported', but why some of services are working and some not? Should be that App added somewhere in Admin Tenant settings as well?
I will really appreciate your help, thanks! 🙂
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We've run into this service principal limitation for our enterprise deployment.
For example, I am able to use the Fabric - Core - Deployment Pipelines API as a service principal, but not the Git APIs.
Even if the functionality is currently in preview, is there any sort of roadmap as to when support for service principals might come for the Git APIs?
I've opened a support request, but, between the lack of service principal support for Git APIs and the one-to-one restriction of workspace-to-Power BI deployment pipeline stage, the options for officially supported enterprise deployment appear limited and insufficient.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @feelthelight14,
As @lbendlin said, these part of fabric rest api still in preview so they may not work as common rest api and support all type of features and authorizations.
You can also refer to the following official documents about fabric rest api usage and it mention the service principal mode not supported.
>>App has assigned Admin priviledges to that particular workspace that I am trying to get GIT status.
Worth to add that I am able to use other functionalities like: Get Domain, List Workspaces etc. In the documentation it is mentioned that 'Service principals are not supported', but why some of services are working and some not? Should be that App added somewhere in Admin Tenant settings as well?
In summary, these features may not fully release to global environment so some of they can be used but the others not. (these parts did not clearly mention in the documents, if you want to know more about them you can consider opening a support ticket to contact to the dev team to get detail information)
Regards,
Xiaoxin Sheng
If this post helps, please consider accept as solution to help other members find it more quickly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @feelthelight14,
I'd like to suggest you take a look at the official document about service principal limitations if it helps for your scenario:
Regards,
Xiaoxin Sheng
If this post helps, please consider accept as solution to help other members find it more quickly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry, but it's not helpful. The question was why it does work only for some Fabric API and for some not.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If I had to guess I would say that auditing considerations are playing a role. Anything "destructive" should be possible to link back to a real person.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Problem is when all your real users are on Cognito ,oauth or Azure b2c .. this is why for reports we use a service principal.

Helpful resources
Subject | Author | Posted | |
---|---|---|---|
10-11-2024 03:24 AM | |||
01-01-2025 01:31 AM | |||
01-12-2025 08:45 AM | |||
09-21-2023 08:25 AM | |||
01-10-2025 03:29 PM |