Workspaces - List Workspace Access Details

Note

This API is in preview.

Returns a list of users (including groups and ServicePrincipals) that have access to the specified workspace.

Permissions

The caller must be a Fabric administrator or authenticate using a service principal.

Required Delegated Scopes

Tenant.Read.All or Tenant.ReadWrite.All

Limitations

Maximum 200 requests per hour.

Microsoft Entra supported identities

This API supports the Microsoft identities listed in this section.

Identity Support
User Yes
Service principal and Managed identities Yes

Interface

GET https://api.fabric.microsoft.com/v1/admin/workspaces/{workspaceId}/users

URI Parameters

Name In Required Type Description
workspaceId
path True

string

uuid

The workspace ID.

Responses

Name Type Description
200 OK

WorkspaceAccessDetailsResponse

The operation was successful.

Other Status Codes

ErrorResponse

Common error codes:

  • EntityNotFound - Workspace ID doesn't exist.

  • InsufficientPrivileges - The caller doesn't have permissions to call the API.

Examples

List of users for given workspace ID example

Sample request

GET https://api.fabric.microsoft.com/v1/admin/workspaces/f089354e-8366-4e18-aea3-4cb4a3a50b48/users

Sample response

{
  "accessDetails": [
    {
      "principal": {
        "id": "f3052d1c-61a9-46fb-8df9-0d78916ae041",
        "displayName": "Jacob Hancock",
        "type": "User",
        "userDetails": {
          "userPrincipalName": "jacob@example.com"
        }
      },
      "workspaceAccessDetails": {
        "type": "Workspace",
        "workspaceRole": "Admin"
      }
    },
    {
      "principal": {
        "id": "c7db8e03-c8cb-4d4c-9f64-1dcd327c9d3c",
        "displayName": "Caleb Foster",
        "type": "User",
        "userDetails": {
          "userPrincipalName": "caleb@example.com"
        }
      },
      "workspaceAccessDetails": {
        "type": "Workspace",
        "workspaceRole": "Viewer"
      }
    },
    {
      "principal": {
        "id": "f51b705f-a409-4d40-9197-c5d5f349e2f0",
        "displayName": "TestSecurityGroup",
        "type": "Group",
        "groupDetails": {
          "groupType": "SecurityGroup"
        }
      },
      "workspaceAccessDetails": {
        "type": "Workspace",
        "workspaceRole": "Contributor"
      }
    }
  ]
}

Definitions

Name Description
ErrorRelatedResource

The error related resource details object.

ErrorResponse

The error response.

ErrorResponseDetails

The error response details.

GroupDetails

Group specific details. Applicable when the principal type is Group.

GroupType

The type of the group. Additional group types may be added over time.

Principal

Represents an identity or a Microsoft Entra group.

PrincipalType

The type of the principal. Additional principal types may be added over time.

ServicePrincipalDetails

Service principal specific details. Applicable when the principal type is ServicePrincipal.

ServicePrincipalProfileDetails

Service principal profile details. Applicable when the principal type is ServicePrincipalProfile.

UserDetails

User principal specific details. Applicable when the principal type is User.

WorkspaceAccessDetail

Workspace permission details.

WorkspaceAccessDetails

User access details for the workspace.

WorkspaceAccessDetailsResponse

A list of users with access to a given entity.

WorkspaceRole

A Workspace role. Additional workspace roles may be added over time.

WorkspaceType

A workspace type. Additional workspace types may be added over time.

ErrorRelatedResource

The error related resource details object.

Name Type Description
resourceId

string

The resource ID that's involved in the error.

resourceType

string

The type of the resource that's involved in the error.

ErrorResponse

The error response.

Name Type Description
errorCode

string

A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.

message

string

A human readable representation of the error.

moreDetails

ErrorResponseDetails[]

List of additional error details.

relatedResource

ErrorRelatedResource

The error related resource details.

requestId

string

ID of the request associated with the error.

ErrorResponseDetails

The error response details.

Name Type Description
errorCode

string

A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.

message

string

A human readable representation of the error.

relatedResource

ErrorRelatedResource

The error related resource details.

GroupDetails

Group specific details. Applicable when the principal type is Group.

Name Type Description
groupType

GroupType

The type of the group. Additional group types may be added over time.

GroupType

The type of the group. Additional group types may be added over time.

Name Type Description
DistributionList

string

Principal is a distribution list.

SecurityGroup

string

Principal is a security group.

Unknown

string

Principal group type is unknown.

Principal

Represents an identity or a Microsoft Entra group.

Name Type Description
displayName

string

The principal's display name.

groupDetails

GroupDetails

Group specific details. Applicable when the principal type is Group.

id

string

The principal's ID.

servicePrincipalDetails

ServicePrincipalDetails

Service principal specific details. Applicable when the principal type is ServicePrincipal.

servicePrincipalProfileDetails

ServicePrincipalProfileDetails

Service principal profile details. Applicable when the principal type is ServicePrincipalProfile.

type

PrincipalType

The type of the principal. Additional principal types may be added over time.

userDetails

UserDetails

User principal specific details. Applicable when the principal type is User.

PrincipalType

The type of the principal. Additional principal types may be added over time.

Name Type Description
Group

string

Principal is a security group.

ServicePrincipal

string

Principal is a Microsoft Entra service principal.

ServicePrincipalProfile

string

Principal is a service principal profile.

User

string

Principal is a Microsoft Entra user principal.

ServicePrincipalDetails

Service principal specific details. Applicable when the principal type is ServicePrincipal.

Name Type Description
aadAppId

string

The service principal's Microsoft Entra AppId.

ServicePrincipalProfileDetails

Service principal profile details. Applicable when the principal type is ServicePrincipalProfile.

Name Type Description
parentPrincipal

Principal

The service principal profile's parent principal.

UserDetails

User principal specific details. Applicable when the principal type is User.

Name Type Description
userPrincipalName

string

The user principal name.

WorkspaceAccessDetail

Workspace permission details.

Name Type Description
type

WorkspaceType

Workspace type.

workspaceRole

WorkspaceRole

The workspace role.

WorkspaceAccessDetails

User access details for the workspace.

Name Type Description
principal

Principal

Information regarding the user who has access to the entity.

workspaceAccessDetails

WorkspaceAccessDetail

Workspace permissions for the user.

WorkspaceAccessDetailsResponse

A list of users with access to a given entity.

Name Type Description
accessDetails

WorkspaceAccessDetails[]

A list of users with access to an entity.

WorkspaceRole

A Workspace role. Additional workspace roles may be added over time.

Name Type Description
Admin

string

Enables administrative access to the workspace.

Contributor

string

Enables contribution to the workspace.

Member

string

Enables membership access to the workspace.

Viewer

string

Enables viewing of the workspace.

WorkspaceType

A workspace type. Additional workspace types may be added over time.

Name Type Description
AdminWorkspace

string

Admin monitoring workspace. Contains admin reports such as the audit report and the usage and adoption report.

Personal

string

My folder or My workspace used to manage user items.

Workspace

string

Workspace used to manage the Fabric items.