Skip to main content

Setup guide

Environment access level

In order to use Power BI embedded Reports and Dashboards, Service Principal must be enabled and properly set up on Azure/Power BI service admin settings following Microsoft guide

Microsoft guide summarized:

To enable service principal authentication for Power BI read-only APIs, follow these steps:

  1. Create an Azure AD app. If you already have an Azure AD app you wish to use, you can skip this step. Be sure to record the App ID for use in later steps.
  2. Create a new Security Group in Azure Active Directory. Information on how to create a basic group and add members using Azure Active Directory can be found here). If you already have a security group you wish to use, you can skip this step. Please ensure the Group type is set to Security.
  3. Add your App ID as a member of the security group you created. To do this:
    1. Navigate to Azure portal > Azure Active Directory > Groups, and choose the security group you created in Step 2.
    2. Select Add Members.
  4. Enable the Power BI service admin settings. To do this:
    1. Log in to the Power BI admin portal. You need to be a Power BI admin to see the Tenant Settings page.
    2. Under Admin API settings, find the option Allow service principals to use read-only Power BI admin APIs. Set the toggle to Enabled, then select the Specific security groups radio button and add the security group you created in Step 2 in the text field that appears below it.