For all the admins out there, have you tried to set up any automated process to create gateway connections outside PowerShell, like a Power Automate Flow?
My team uses PowerShell (so that we can encrypt the creds) to create new connections with non-rotating credentials stored in our on-prem CyberArk Safe, etc.
https://learn.microsoft.com/en-us/rest/api/power-bi/gateways/create-datasource#code-try-0
But we would like to automate it further to avoid using our desktops, and in the future hopefully handle the password rotation. Would love to hear what other teams are doing.
Thanks!
-Pawan
Hi @pvuppala ,
It's great to see your team already leveraging PowerShell and CyberArk for secure credential management when creating gateway connections in Power BI. While PowerShell provides flexibility and encryption support, many teams are indeed exploring more scalable and automated solutions like Power Automate or Azure Automation to remove dependency on individual desktops. As of now, Power Automate doesn’t natively support direct creation of gateway connections through built-in connectors, but you can integrate it with custom connectors or Azure Functions that call the Power BI REST API (like the createDatasource endpoint you referenced).
By doing so, you can fully automate the process using cloud-native tools and potentially trigger actions based on events (like password rotation alerts from CyberArk). Long-term, combining Azure Key Vault for secrets management and an automation engine like Azure DevOps or Logic Apps could give you even more control and traceability, especially if you're aiming for CI/CD practices around Power BI deployments. It’s promising to see more organizations moving in this direction, and Microsoft’s growing API surface will hopefully support these use cases more natively in the future.
Hi @pvuppala ,
It sounds good, but based on my experience, it's manageable only when you have a few connections. In reality, when dealing with a larger scale—like in our case, with thousands of connections and dozens of gateways—it becomes difficult to manage. If something goes wrong, it could significantly impact the business.
Thanks,
Sai Teja
Thank you all. I'm looking to see if anyone has successfully implemented these approaches, without going too deep into it only to find out we can't use encryption, etc. Please respond if you automated any of this outside desktop tools.
Thank you so much!
Hi @pvuppala ,
Thank you for reaching out to us on the Microsoft Fabric Community Forum.
Thank you @rohit1991 , for sharing the valuable information.
Hi @pvuppala , in addition to @rohit1991's response, I am adding some points.
Automation Alternatives to PowerShell on Desktops
1. Azure Automation + Runbooks
Headless automation of PowerShell scripts. Secure, cloud-based, scheduled or event-triggered. Supports linking to Azure Key Vault or CyberArk for credential management. Can be triggered from Power Automate, Azure DevOps, or any webhook/event.
2. Power Automate (Flow) + HTTP Actions
You can create a custom connector or use HTTP with Azure AD to call the Power BI REST API directly. You will need to register an Azure AD App with appropriate permissions (Tenant.Read.All, Dataset.ReadWrite.All). Acquire a token using Client Credentials Flow. Use HTTP or HTTP with Azure AD connector to call the API.
Note: Power Automate doesn't natively support encrypted credential handling like CyberArk. You'd need to call an external API that returns the credential securely.
3. Azure Functions (C# / PowerShell / Python)
Great for building small, API-triggered microservices. Your Azure Function can retrieve credentials from CyberArk using its REST API. Call Power BI Gateway API to create datasources. Be triggered by events (e.g. new dataset metadata, schedule). Secure execution and credential storage via Azure Key Vault or managed identity.
4. Azure DevOps Pipelines
If your environment is DevOps-centric, you can automate these tasks as part of a release pipeline. Secret variables or Key Vault can inject credentials. Run PowerShell or REST calls via agents.
For Handling Credentials (Password Rotation Support)
CyberArk Integration: Use CyberArk’s REST API to fetch credentials at runtime. Combine with Azure Function or PowerShell script to dynamically insert into the credentials body of the Create Datasource API.
Azure Key Vault: Supports automatic key/secret rotation when integrated with compatible services. Secure and scalable credential storage.
Please refer to the sample architecture below:
Power Automate Flow (triggered by business need)
↓
HTTP Webhook or Azure Function (retrieves CyberArk creds)
↓
Power BI REST API (Create Gateway Datasource)
Note: Move away from desktop-based PowerShell to Azure-hosted automation. Fetch credentials at runtime securely (CyberArk or Key Vault). Wrap logic in reusable APIs (Functions or custom connectors). Plan for service principal-based auth (avoid user context where possible).
Please refer to these Microsoft articles and community threads:
Data Gateway : Automation using PowerShell - Part ... - Microsoft Fabric Community
Manage connections in Power Automate - Power Automate | Microsoft Learn
Learn to manage on-premises data gateways - Power Automate | Microsoft Learn
Solved: Automated Refresh of Power BI Dataset using Powers... - Microsoft Fabric Community
If my response has resolved your query, please mark it as the "Accepted Solution" to assist others. Additionally, a "Kudos" would be appreciated if you found my response helpful.
Thank you
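The runtime step described in the answer above (fetch the secret, insert it into the Create Datasource credentials body, and cope with rotation), as an added Python sketch that is not part of the original posts and not Microsoft's code. The function names, `encrypt` (a caller-supplied routine that encrypts with the gateway's public key and returns base64 text), `last_fp` and `fp_key` are assumptions; the request fields follow the Create Datasource and Update Datasource REST API bodies.

```python
import hashlib
import hmac
import json

API = "https://api.powerbi.com/v1.0/myorg"

def credential_details(username, password, encrypt):
    """Build credentialDetails; only the encrypted blob leaves this function."""
    plain = json.dumps({"credentialData": [
        {"name": "username", "value": username},
        {"name": "password", "value": password}]})
    return {"credentialType": "Basic",
            "credentials": encrypt(plain),  # assumption: gateway public-key encryption
            "encryptedConnection": "Encrypted",
            "encryptionAlgorithm": "RSA-OAEP",
            "privacyLevel": "Organizational"}

def fingerprint(password, fp_key):
    """Keyed hash of the secret: detects rotation without storing the secret."""
    return hmac.new(fp_key, password.encode(), hashlib.sha256).hexdigest()

def plan_request(gateway_id, existing, name, ds_type, conn,
                 username, password, encrypt, last_fp, fp_key):
    """Decide what to send for one connection.

    existing: list returned by GET /gateways/{id}/datasources.
    Returns (method, url, body, new_fp), or None when the vault secret
    still matches the fingerprint recorded at the last successful push.
    """
    fp = fingerprint(password, fp_key)
    match = next((d for d in existing if d["datasourceName"] == name), None)
    if match is None:
        # Connection does not exist yet: full create body.
        body = {"dataSourceType": ds_type,
                "connectionDetails": json.dumps(conn),
                "datasourceName": name,
                "credentialDetails": credential_details(username, password, encrypt)}
        return ("POST", f"{API}/gateways/{gateway_id}/datasources", body, fp)
    if last_fp and hmac.compare_digest(fp, last_fp):
        return None  # no rotation since last push, nothing to send
    # Secret rotated in the vault: update credentials only.
    body = {"credentialDetails": credential_details(username, password, encrypt)}
    url = f"{API}/gateways/{gateway_id}/datasources/{match['id']}"
    return ("PATCH", url, body, fp)
```

The caller sends the returned request with a service principal token and persists `new_fp` only after the API call succeeds, so a failed push is retried on the next run.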