News and Announcements icon

Power Platform CommunityForums Power Apps - Power Apps Governance and Administ... Use of Azure Purview a...

Power Apps - Power Apps Governance and Administ...

Unanswered

Use of Azure Purview against a PowerBI workspace

(1) Share

Report

Report

Posted on by joseescm

2

We recently had a request from our depts to allow access to a specific workspace from their instance of Azure Purview. They did some preliminary investigation and provide the following information to have us configure and give them access. My issue is that reading some of the material from the documents it seems I am allowing their instance to now have access to all things on PowerBI for the tenant and not just their things. Is there a method to set this up so that it only looks at their data and not the tenant as a whole. Please advise.

We have three requirements:

Be able to register our PowerBI datasets into our Microsoft Purview instance
Be able to automate refreshes via the REST API
Be able to query PowerBI datasets from custom applications from the REST API

We are requesting:

In order to use Purview with our PowerBI workspace:
- Read-Only PowerBI API to be enabled at the tenant for a specific AD security group.
  - https://learn.microsoft.com/en-us/power-bi/enterprise/read-only-apis-service-principal-authentication
- Our service principle XXXXX be assigned the following delegated permissions:
  - Microsoft Graph openid
  - Microsoft Graph User.Read
  - Described in ‘Private access’ tab of ‘Deployment Checklist’: https://learn.microsoft.com/en-us/azure/purview/register-scan-power-bi-tenant?tabs=Scenario3#deployment-checklist
- Enable admin APIs responses with detailed metadata
  - https://learn.microsoft.com/en-us/power-bi/admin/service-admin-metadata-scanning-setup#enable-tenant-settings-for-metadata-scanning
- Enable enhance admin APIs responses with DAX and mashup expressions:
  - https://learn.microsoft.com/en-us/power-bi/admin/service-admin-metadata-scanning-setup#enable-tenant-settings-for-metadata-scanning
In order to use the PowerBI REST API for automating tasks with the user’s permissions and security level:
- Our application app-XXXXX be assigned the following delegated permissions:
  - Dataset.ReadWrite.all
  - Workspace.ReadWrite.All
  - Pipeline.ReadWrite.All
  - Report.ReadWrite.All
  - https://learn.microsoft.com/en-us/rest/api/power-bi/

Categories:

All responses Img

All responses (0)

Answers Img

Answers (0)

Helpful resources

News and Announcements

Welcome to the Power Platform Communities - Lets Get Started!

Announcing new navigation menus and the Engage with the Community forum!

Quick Links

Leaderboard > Power Apps - Power Apps Governance and Administering

#1

Michael E. Gernaey 15 Super User 2025 Season 1

#2

stampcoin 9

#3

bscarlavai33 5 Super User 2025 Season 1

Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans