Starting December 3, join live sessions with database experts and the Microsoft product team to learn just how easy it is to get started
Learn moreShape the future of the Fabric Community! Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions. Take survey.
Hi!
I have created Entra ID app and assigned delegated permissions: Tenant.ReadAll, Workspace.GitUpdate.All, Workspace.ReadWrite.All.
I would like to use Git API functionality, but during establishing of connection I am receiving an error:
{
"requestId": "xxxxxx",
"errorCode": "PrincipalTypeNotSupported",
"message": "The operation is not supported for the principal type"
}
App has assigned Admin priviledges to that particular workspace that I am trying to get GIT status.
Worth to add that I am able to use other functionalities like: Get Domain, List Workspaces etc. In the documentation it is mentioned that 'Service principals are not supported', but why some of services are working and some not? Should be that App added somewhere in Admin Tenant settings as well?
I will really appreciate your help, thanks! 🙂
We've run into this service principal limitation for our enterprise deployment.
For example, I am able to use the Fabric - Core - Deployment Pipelines API as a service principal, but not the Git APIs.
Even if the functionality is currently in preview, is there any sort of roadmap as to when support for service principals might come for the Git APIs?
I've opened a support request, but, between the lack of service principal support for Git APIs and the one-to-one restriction of workspace-to-Power BI deployment pipeline stage, the options for officially supported enterprise deployment appear limited and insufficient.
Hi @feelthelight14,
As @lbendlin said, these part of fabric rest api still in preview so they may not work as common rest api and support all type of features and authorizations.
You can also refer to the following official documents about fabric rest api usage and it mention the service principal mode not supported.
>>App has assigned Admin priviledges to that particular workspace that I am trying to get GIT status.
Worth to add that I am able to use other functionalities like: Get Domain, List Workspaces etc. In the documentation it is mentioned that 'Service principals are not supported', but why some of services are working and some not? Should be that App added somewhere in Admin Tenant settings as well?
In summary, these features may not fully release to global environment so some of they can be used but the others not. (these parts did not clearly mention in the documents, if you want to know more about them you can consider opening a support ticket to contact to the dev team to get detail information)
Regards,
Xiaoxin Sheng
Hi @feelthelight14,
I'd like to suggest you take a look at the official document about service principal limitations if it helps for your scenario:
Regards,
Xiaoxin Sheng
Sorry, but it's not helpful. The question was why it does work only for some Fabric API and for some not.
If I had to guess I would say that auditing considerations are playing a role. Anything "destructive" should be possible to link back to a real person.
Problem is when all your real users are on Cognito ,oauth or Azure b2c .. this is why for reports we use a service principal.
Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.
Check out the November 2024 Power BI update to learn about new features.