...
Create Application Manually
Go to your Microsoft Azure console / Entra ID / App Registrations
+ Add / App RegistrationNew registration
...
...
Name : your application name (service principal name also)
Redirect Url : where to redirect after azure authentication = WIP external URL
Press Register.
Once created go to API Permissions and use “+Add a permission “ permission“ to add permissions like below from
Microsoft Graph (import users)
...
User.Read
Power BI Service
Application permissions (Admin consent required)
Tenant.ReadWrite.All
Delegated Permissions
Connection.ReadWrite.All
Dataset.ReadWrite.All
Gateway.ReadWrite.All
Item.ReadWrite.All
PaginatedReport.ReadWrite.All
Report.ReadWrite.All
SemanticModel.ReadWrite.All
Workspace.ReadWrite.All
...
Assign Service Principal to Workspaces
...
You need to assign the service principal to all workspaces you want to control with WIP (my workspaces is not necessary as they will be accessed using the login user)
Add service principal to fabric administrative group
You need to add your service principal to a group (that you might create) having having assigned roles = “Fabric Administrator”
Known Errors
The caller is not authenticated to access this resource Status: 401 (Unauthorized)
Add the service principal to a group having assigned roles = Fabric Administrator”
Authenticate issue, invalid_request,AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests.
ssss