In this blog, I will share the steps that you can utilize to access PowerBI Admin API from service principal.
There are many articles on the internet about it but there is mixture of information, so I am just documenting step by step that worked for us.
1. Register the APP in Azure AD and do not ADD any API permissions (This is important)
2. Create the Certificate and upload the thumbprint to the APP.
Here is the PowerShell command to do it.
New-SelfSignedCertificate -Subject ‘CN=DEVTESTCertificate’ -KeyLength 4096 -KeyUsageProperty All -KeyAlgorithm ‘RSA’ -HashAlgorithm ‘SHA256’ -Provider ‘Microsoft Enhanced RSA and AES Cryptographic Provider’ -NotAfter (Get-Date).AddYears(1)
Note: Delete the certificate from machine context and upload it to user context and disable the export of private key.
Do secure the cert with private key in some safe vault.
3. Create Azure AD security group as per naming conventions of you organization and ADD the APP/Service Principal you created above as member of it.
4. Now login to powerBI Admin à Tenant Settings à Admin API Settings
Select Service principals can access read-only Admin APIs à Enable it.
Apply to Specific Security Groups and Select the above group you created.
5. Now download and install PowerBI powershell modules
PowerBI Powershell
Install-Module -Name MicrosoftPowerBIMgmt
6. Connect the PowerBI utilizing the ServicePrincipal.
Connect-PowerBIServiceAccount -ServicePrincipal -CertificateThumbprint $thumbprint -ApplicationId $clientid -Tenant $tenantid
Now you will get connected and can run PowerShell commands using the service principal
Thanks for reading and downloading…
Tech Wizard
https://techwizard.cloud
https://syscloudpro.com/
PowerShell Fast Track