Foundational

Use this connector to have Foundational scan and determine lineage and downstream impact for Power BI.

Permissions: You need to be an Azure admin for some parts of this setup.

In order to provide Foundational access to Power BI, please follow the steps below:

1. Create Azure Active Directory Application

Sign in to the Azure Portal at <a href="https://portal.azure.com" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com</a>

In the new window, enter a name for the application, e.g., <code>powerbi-foundational-connector</code> . Keep the other options with the default selection, and click Register to complete

The Azure portal will now open the <code>powerbi-app-connector</code> window. Write down the value of <code>Application (client) ID</code>

Select <code>Add a certificate or secret</code> to generate a secret for the application

Click on <code>New client secret</code>

Fill in the description and set an expiration date

Write down the <code>Secret ID</code> and <code>Value</code>

1. Sign in to the Azure Portal at <a href="https://portal.azure.com" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com</a>
2. Select Azure Active Directory 

3. Select App registrations 

4. Select New registration 
 
 
5. In the new window, enter a name for the application, e.g., <code>powerbi-foundational-connector</code> . Keep the other options with the default selection, and click Register to complete 

6. The Azure portal will now open the <code>powerbi-app-connector</code> window. Write down the value of <code>Application (client) ID</code> 
 
 
7. Select <code>Add a certificate or secret</code> to generate a secret for the application 
 
 
8. Click on <code>New client secret</code> 
 
 
9. Fill in the description and set an expiration date 
 
10. Write down the <code>Secret ID</code> and <code>Value</code>

2. Create a new Azure Active Directory security group

Sign in to <a href="https://portal.azure.com" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com</a>

Set Group Type to <code>Security</code>, and provide a group name, e.g., <code>power-bi-foundational-connector-security-group</code>

Now, add a member to the group by clicking on <code>No members selected</code>

Add the <code>power-bi-foundational-connector</code> application that we created in the previous step as a member of this group

1. Sign in to <a href="https://portal.azure.com" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com</a>
2. Go to Azure Active Directory
3. Select Groups
 
 
4. Click on <code>New group</code>
 
 
5. Set Group Type to <code>Security</code>, and provide a group name, e.g., <code>power-bi-foundational-connector-security-group</code>
 
 
6. Now, add a member to the group by clicking on <code>No members selected</code>
 
 
7. Add the <code>power-bi-foundational-connector</code> application that we created in the previous step as a member of this group

3. Assign Permissions to the Security Group

Sign in to <a href="https://app.powerbi.com/" rel="nofollow noopener noreferrer" target="_blank">https://app.powerbi.com/</a>

Click the gear icon to open Settings, and then select <code>Admin portal</code>

In <code>Admin portal</code>, select <code>Tenant settings</code>

In <code>Tenant settings</code>, select <code>Developer settings</code>

1. Enable the <code>Allow service principals to use Power BI APIs</code> option
2. Add power-bi-foundational-connector-security-group to the <code>Specific security groups</code>

In <code>Tenant settings</code>, go to the <code>Admin API settings</code> section, enable all options and add <code>power-bi-foundational-connector-security-group</code> to the <code>Specific security groups</code>

1. <code>Allow service principals to use read-only admin APIs</code>
2. <code>Enhance admin APIs responses with detailed metadata</code>
3. <code>Enhance admin APIs responses with DAX and mashup expressions</code>

1. Sign in to <a href="https://app.powerbi.com/" rel="nofollow noopener noreferrer" target="_blank">https://app.powerbi.com/</a>
2. Click the gear icon to open Settings, and then select <code>Admin portal</code> 
 
 
3. In <code>Admin portal</code>, select <code>Tenant settings</code> 
 
 
4. In <code>Tenant settings</code>, select <code>Developer settings</code>
 1. Enable the <code>Allow service principals to use Power BI APIs</code> option
 2. Add power-bi-foundational-connector-security-group to the <code>Specific security groups</code>
 
 
5. In <code>Tenant settings</code>, go to the <code>Admin API settings</code> section, enable all options and add <code>power-bi-foundational-connector-security-group</code> to the <code>Specific security groups</code>
 ** The options are:
 1. <code>Allow service principals to use read-only admin APIs</code>
 2. <code>Enhance admin APIs responses with detailed metadata</code>
 3. <code>Enhance admin APIs responses with DAX and mashup expressions</code>

4. Add the Security Group to Relevant Workspaces

Go to the workspace you want Foundational to access

Add <code>power-bi-foundational-connector-security-group</code> to the list of users with access, with a <code>Viewer</code> role

1. Sign in to <a href="https://app.powerbi.com/" rel="nofollow noopener noreferrer" target="_blank">https://app.powerbi.com/</a>
2. Go to the workspace you want Foundational to access
3. Select <code>Manage Access</code> 
 
 
4. Add <code>power-bi-foundational-connector-security-group</code> to the list of users with access, with a <code>Viewer</code> role

Configuring Power BI Connector

1. Create Azure Active Directory Application

2. Create a new Azure Active Directory security group

3. Assign Permissions to the Security Group

4. Add the Security Group to Relevant Workspaces