Set Up Azure API Application with Service Principal
This guide will walk you through the setup of Microsoft Azure API app with service principal.
Dataverse requires an additional step of creating a user in Power Platform.
Register App
Go to Microsoft Azure.
Sign in with your Microsoft Azure account.
On the Home screen use Search, or go to the upper left corner menu to open the Microsoft Entra ID service.
Select Manage and open App registrations in the left menu.
Select + New registration.
Enter the Name of the app.
Choose desired account type – both Single tenant and Multitenant are allowed.
In the optional Redirect URI part, select Web-page application (WPA) and enter the http://localhost/ URL.
For older connector versions, refer to the table at the bottom of the page.
Select Register.
The Application (client) ID is your Client ID.
The Directory (tenant) ID is your Tenant ID.
Go to Certificates & secrets and add New client secret. Copy the Value as it won't be accessible again once you leave the page – this is your Client Secret.
Manage Service Principal
Note
These permissions are required only for Service Principal.
Go to API permissions to add these Application permissions.
Dataverse
Microsoft Graph
Files.Read.All
Files.ReadWrite.All
Sites.Read.All
OneDrive
Microsoft Graph
Files.Read.All
Files.ReadWrite.All
Sites.Read.All
Outlook 365
Microsoft Graph
Calendars.ReadWrite
Mail.ReadWrite
User.Read.All
Power BI Output
SharePoint
Microsoft Graph
Sites.Selected
Visit the Alteryx Community for more details.
AND/OR
SharePoint
Sites.Manage.All
Sites.ReadWrite.All
User.Read.All
Sign In to Your App
Now you can use this app in the connector. To authenticate login, you will need to enter your Client ID, Client Secret ID and Tenant ID in Designer and sign in to your account in the web browser.
For more information, visit Microsoft portal.
Power BI Service Principal
To use the custom API application...
Create an Azure security group and add the Power BI app registration (service principal) to it.
In the Power BI Admin Portal, go to Tenant Settings & Developer Settings. Turn on the option to Allow service principals to use Power BI APIs and add the security group under Apply to.
Add the Power BI app registration to your workspace access as a member. For more details, see the Power BI documentation.
Create User in Power Platform
Create a user for your Dataverse app in Power Platform and add a security role:
Go to Power Platform admin center.
Select an environment.
Select Settings. In Users + permissions, select Application users.
Select New app user.
Select Add an app and select your app.
Select a Business unit.
In Security roles, select an applicable role.
Select Create.
Select these options and enter these URLs for older connector versions when you set up a custom API application.
Connector and version | Dropdown option | URLs |
|---|---|---|
OneDrive version 2.0.2 and earlier | Single-page application (SPA) | |
Outlook 365 version 1.0.0 | ||
Power BI Output version 3.1.0 and earlier | ||
SharePoint Files version 1.1.1 and earlier |