You can configure Admin User or Service Principal authentication types to access Microsoft Power BI. Before you configure the authentication, you need to set up your environment and get the authentication details.
Configure access
To access Microsoft Power BI, follow these steps to set up your environment:
•Configure a connection to the Microsoft Power BI source system in Administrator.
•Enable port 443 and configure your firewall to allow traffic to pass over port 443. The Secure Agent uses port 443 to connect to the internet.
•If you use service principal authentication to authenticate your organization to the Microsoft Power BI service, enable read-only access to the Power BI admin API. For information about configuring service principal for read-only admin APIs, see HOW TO: Configure Service Principal for Microsoft Power BI.
•In the Admin API settings section of the Power BI admin portal, enable the option Enhance admin APIs responses with DAX and mashup expressions.
•Whether you authenticate using the administrator privileges or a service principal, enable Preview features for your organization to extract metadata from a Microsoft Power BI source system. Additionally, enable the enhanced metadata scanning feature to extract lineage from refreshed and republished datasets in your Microsoft Power BI environment.
•If you plan to connect Microsoft Power BI to Microsoft Azure through a REST API with the administrator user role, perform the following tasks:
1Assign one of the following Power BI administrator privileges to the administrator user role:
▪ Microsoft 365 Global Administrator
▪ Power BI Service Administrator
2Obtain administrator access at the workspace level.
Get authentication details
Ensure you get all the required authentication details based on the authentication method you want to use:
Admin User
You need the client ID for your application registered in the Azure Active Directory, user name, and password to connect to Microsoft Power BI instances.
Service Principal
You need the client ID, client secret, and tenant ID for your application registered in the Azure Active Directory.