Welcome to our blog post on using service principals with data gateways in Power BI! If you’re new to Power BI and data gateways, this article will provide you with a step-by-step guide on how to authenticate and access on-premises or private data sources using service principals.

Before we dive into the details, let’s quickly explain what a service principal is. In Power BI, a service principal is a security identity used by applications or services to authenticate and access resources. It allows you to keep your data fresh without relying on a specific user’s credentials.

Here are the high-level steps to use service principals with data gateways:

1. Add the service principal as a user of the data source(s) in Data Gateway
2. Add the service principal as an administrator of the Data Gateway
3. Make the service principal the owner of the dataset
4. Bind the dataset to the Data Gateway data source(s)

Let’s go through each step in detail:

Step 1 – Add Service Principal as a User of Data Source(s) in Data Gateway

In this step, you can easily add the service principal as a user of the data source(s) in Data Gateway using the Power BI Service. Simply open the “Manage connections and gateways” link from the Settings in the Power BI service. From there, you can manage users for your data source and add the service principal with the appropriate permissions.

Step 2 – Add Service Principal as an Administrator of Data Gateway

In this step, you can add the service principal as an administrator of the Data Gateway using the Power BI Service. Similar to Step 1, open the “Manage connections and gateways” link and navigate to the On-Premises data gateways tab. From there, you can manage users for your gateway and add the service principal with the admin permission.

Step 3 – Make Service Principal the Owner of the Dataset

In order to make the dataset independent of a specific user’s credentials, we need to make the service principal the owner of the dataset. This step requires the use of PowerShell, as service principals cannot log into the Power BI service interactively. You can use a PowerShell script to make this happen, which will also be used in the next step.

Step 4 – Bind the Dataset to the Data Gateway Data Source(s)

In this step, you need to bind the dataset to the Data Gateway data source(s) using PowerShell. Unfortunately, there is no interface in the Power BI service to do this for datasets owned by service principals. You can download a PowerShell script from our GitHub repository that will help you with this step. The script requires certain values, such as the service principal app ID, secret value, object ID, Power BI Gateway cluster ID, and other necessary information.

Once you have completed these four steps, you will have successfully set up and configured service principals with data gateways in Power BI. This allows you to keep your data fresh and access on-premises or private data sources without relying on specific user credentials.

We hope this article has been helpful in guiding you through the process of using service principals with data gateways in Power BI. If you have any questions or need further assistance, please feel free to reach out to us.

Happy data querying!