Skip to main content
Microsoft Idea

Power BI

Needs Votes

Service principal to pull Activity logs

Vote (30) Share
Power BI Ideas Admin's profile image

Power BI Ideas Admin on 20 Jun 2020 06:38:54

Use Service Principal instead of full user accounts to authenticate and connect to power bi cmdlets while pulling activity logs.

Comments (3)
Power BI Ideas Admin's profile image Profile Picture

Pedro Octaviano on 07 Sep 2023 09:05:51

RE: Service principal to pull Activity logs

Even after three years, this remains a pressing concern. While I fully support the use of Service Principals for pulling activity logs, I'd also like to highlight the urgency for more granular API permissions. Accessing Power BI activity logs for the entire tenant currently demands sweeping permissions across multiple Microsoft 365 APIs. A role-based granularity specific to each API would not only enhance security but also align with best practices. It's high time we pivot towards a safer and more efficient system.

Power BI Ideas Admin's profile image Profile Picture

Mike Brown on 06 Jul 2020 00:17:44

RE: Service principal to pull Activity logs

Agreed and this should have hundreds of votes! https://ideas.powerbi.com/forums/265200-power-bi-ideas/suggestions/39641572-need-service-principle-support-for-admin-api

Power BI Ideas Admin's profile image Profile Picture

Aaron.Grossman on 06 Jul 2020 00:17:05

RE: Service principal to pull Activity logs

I would like to see this implemented so that I can implement Microsoft security best practices of using applications with a dedicated purpose only intended for one use of collecting the data.Today this runs under a personal account of an administrator that has access to significantly more than otherwise the scope of the developed solution to collect the activity logs should need.

One possible alternative is to a dummy human account for this purpose, but this feel like it defeats the purpose that is intended to be solved by registering an App.