Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Get certified in Microsoft Fabric—for free! For a limited time, get a free DP-600 exam voucher to use by the end of 2024. Register now

Reply
Anonymous
Not applicable

How to add a Service Principal as a Gateway Admin inorder to get a list of gateways using API ?

I need to get a list of all the Gateway clusters that is available in power bi portal. I went through the Rest Apis documentation(https://docs.microsoft.com/en-us/rest/api/power-bi/gateways/getgateway) and found that this API requires gateway admin permissions. I am using a Service Principal and have the permissions scope Gateway.ReadWrite.All & DataSet.ReadWrite.All set. 
From the Power Bi portal, it is not possible to add a Service Principal as a gateway admin. I tried the following steps and not able to succeed:

  1. Tried to add a service principal as an admin to the Gateway from the UI using the service principal name and object id, but it is not allowing and throwing error:
    These email addresses are invalid or duplicate: Service Principal Name
    Specify at least one email address
  2. Tried to create an AD group and added the Service Principal to that group and tried to add this group as an admin from the UI, but it is also not allowing and throwing the same error:
    Specify at least one email address

On further analysis, found the powershell cmdlet DataGateway. Using this cmdlet, I am able to create a new gateway cluster with Service Principal as an admin and this gateway cluster is getting listed in the Get Gateways api.

But, I am not able to add the Service Principal as an admin to existing gateways using this powershell cmdlets also.

Is this the only possible solution to add a Service Principal as an admin to a Gateway Cluster ?
Is there any option to add Service Principal as an admin user to an existing Gateway Cluster using this powershell script ?

Do we have any API to add the Service Principal as an admin to the existing Gateway Cluster ?

 

1 ACCEPTED SOLUTION
V-lianl-msft
Community Support
Community Support

Hi @Anonymous ,

 

Within the Power BI Admin portal, we need to ensure that our Tenant settings allow service principals to use Power BI APIs. In addition, you can restrict access to the APIs through security groups.

For more details,please refer to:

https://www.serverlessnotes.com/docs/list-gateways-power-bi-rest-api 

 

Best Regards,
Liang
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

 

View solution in original post

11 REPLIES 11
Christophe93
Helper II
Helper II

The unique solution : via powershell  & api run

It's Impossible to add manually  a AAD Service Principal to a gateway   (As admin for example , to be used on python & pbi gateway apis)

But it can be done via Powershell   

https://blog.jpries.com/2021/11/25/adding-a-non-email-enabled-object-to-power-bi-gateway-cluster-use...

Christophe93
Helper II
Helper II

Hi  

On my opinion , for  aleady  existing  on prem. gataways ,  ADD  the Service principal  as gateway Admin 
<-- run via  powershell  only
https://blog.jpries.com/2021/11/25/adding-a-non-email-enabled-object-to-power-bi-gateway-cluster-use...

No  chance for me  via  anothers methods ... but I get your opinions 

On python call   gateways  inventory API  via this SP connection 

Christophe93
Helper II
Helper II

Hi

It's Impossible to add manually  a AAD SP    to a gateway   (As admin for example)

But it can be done via Powershell   

https://blog.jpries.com/2021/11/25/adding-a-non-email-enabled-object-to-power-bi-gateway-cluster-use...

chriswhite1
Regular Visitor

did you manage to find a solution to adding a Service principal to an existing gateway on PBI?

V-lianl-msft
Community Support
Community Support

Hi @Anonymous ,

 

Within the Power BI Admin portal, we need to ensure that our Tenant settings allow service principals to use Power BI APIs. In addition, you can restrict access to the APIs through security groups.

For more details,please refer to:

https://www.serverlessnotes.com/docs/list-gateways-power-bi-rest-api 

 

Best Regards,
Liang
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

 

Hi @sreejiths,

I hope this topic is not stale for you.*

1- As advised in the documentation, add your Service Principal to a Security Group

2- Then go to the Power Platform Admin Portal > Data section and add this Security Group to your Gateway's Admins

 

Your Service Principal will then have access to the gateway.

 

Hope this helps !

 

Franck

Anonymous
Not applicable

Thanks for the reponse. The tenant level developer settings for using SPN are already given and as I mentioned in the above description, I was able to list the gateways that are created using the Powershell cmdlet. My concern is regarding adding the SPN as an admin to the the gateways that exists already. 

I am also having this problem, my SP is in a security group ,I have added the security group as admin on all the gateways, I have this security group allowed to use all the APIs in Power BI tenant settings.

Still, the SP call to api.powerbi.com/v1.0/myorg/gateways returns an empty list.

The SP is able to call all other API endpoints I have tried without a problem.

@duncanmi I am having the same issue. Is this something you where able to resolve?

@kpia @duncanmi 

I've just made it work!!  I removed the Service Principal Security Group from the Gateway and re-added it. 

The only difference this time was I added it as an Admin at the first instance, my previous attempt I initially added the Security Group as a Content Creator then later switched it to Admin.  Might help someone.

 

@kpia @duncanmi 

Did you manage to find a solution to this?  I am having the exact same issue, can't get Gateways as the Service Principal.

Helpful resources

Announcements
November Carousel

Fabric Community Update - November 2024

Find out what's new and trending in the Fabric Community.

Live Sessions with Fabric DB

Be one of the first to start using Fabric Databases

Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.

Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount! Early Bird pricing ends December 9th.

Nov PBI Update Carousel

Power BI Monthly Update - November 2024

Check out the November 2024 Power BI update to learn about new features.