Power BI Authentication with Service Principal
Service principal authentication relies on the Power BI Tenant ID and the Azure Active Directory application ID that you provide in the lineage harvester configuration file. The password you need to access Power BI is the client secret key of the Azure Active Directory application.
Requirement
Enable the Admin API Settings (access read-only admin APIs) for the service principal in the Admin Portal of Power BI Service : Enable service principal authentication for read-only admin APIs - Microsoft Fabric | Microsoft Learn
Make sur to add the latter in a security group.
Authentication & Authorization
We need to keep the following values to get the authorization from the Power BI Service : tenant id, client id and client secret associated with the service principal.
public static IContextServicePowerBI GetContextServicesFromPowerBI(string tenantId, string clientId, string clientSecret)
{
var credential = new ClientSecretCredential(tenantId, clientId, clientSecret); // A service principal
var accessToken = credential.GetToken(new Azure.Core.TokenRequestContext(new[] { "https://analysis.windows.net/powerbi/api/.default" }));
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken.Token);
return new ContextServicePowerBI("", "", accessToken.Token, "Url", client, client.DefaultRequestHeaders.Authorization, "", "", "");
}