Gateways - Add Gateway Role Assignment
Adds a gateway role assignment.
To get the principal user ID required for request body, see Find the user ID.
Service Principal Profiles are not supported for Gateway Role Assignments.
Permissions
- The caller must have ConnectionCreatorWithResharing or higher role on the gateway.
Required Delegated Scopes
Gateway.ReadWrite.All
Microsoft Entra supported identities
This API supports the Microsoft identities listed in this section.
| Identity | Support |
|---|---|
| User | Yes |
| Service principal and Managed identities | Yes |
Interface
POST https://api.fabric.microsoft.com/v1/gateways/{gatewayId}/roleAssignmentsURI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
gateway
|
path | True |
string (uuid) |
The ID of the gateway. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| principal | True |
The principal. |
|
| role | True |
The gateway role of the principal. |
Responses
| Name | Type | Description |
|---|---|---|
| 201 Created |
Successfully created. Headers Location: string |
|
| Other Status Codes |
Common error codes:
|
Examples
Add gateway role assignment example
Sample request
POST https://api.fabric.microsoft.com/v1/gateways/d12d139f-4141-467c-9f53-80787b198843/roleAssignments
{
"principal": {
"id": "6a002b3d-e4ec-43df-8c08-e8eb7547d9dd",
"type": "User"
},
"role": "ConnectionCreator"
}
Sample response
Location: https://api.fabric.microsoft.com/v1/gateways/d12d139f-4141-467c-9f53-80787b198843/roleAssignments/6a002b3d-e4ec-43df-8c08-e8eb7547d9dd{
"id": "6a002b3d-e4ec-43df-8c08-e8eb7547d9dd",
"principal": {
"id": "6a002b3d-e4ec-43df-8c08-e8eb7547d9dd",
"type": "User"
},
"role": "ConnectionCreator"
}Definitions
| Name | Description |
|---|---|
|
Add |
The add gateway role assignment request for a principal. |
|
Error |
The error related resource details object. |
|
Error |
The error response. |
|
Error |
The error response details. |
|
Gateway |
A Gateway role. Additional gateway roles may be added over time. |
|
Gateway |
The gateway role assignment for a principal. |
|
Group |
Group specific details. Applicable when the principal type is |
|
Group |
The type of the group. Additional group types may be added over time. |
| Principal |
Represents an identity or a Microsoft Entra group. |
|
Principal |
The type of the principal. Additional principal types may be added over time. |
|
Service |
Service principal specific details. Applicable when the principal type is |
|
Service |
Service principal profile details. Applicable when the principal type is |
|
User |
User principal specific details. Applicable when the principal type is |
AddGatewayRoleAssignmentRequest
The add gateway role assignment request for a principal.
| Name | Type | Description |
|---|---|---|
| principal |
The principal. |
|
| role |
The gateway role of the principal. |
ErrorRelatedResource
The error related resource details object.
| Name | Type | Description |
|---|---|---|
| resourceId |
string |
The resource ID that's involved in the error. |
| resourceType |
string |
The type of the resource that's involved in the error. |
ErrorResponse
The error response.
| Name | Type | Description |
|---|---|---|
| errorCode |
string |
A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users. |
| message |
string |
A human readable representation of the error. |
| moreDetails |
List of additional error details. |
|
| relatedResource |
The error related resource details. |
|
| requestId |
string |
ID of the request associated with the error. |
ErrorResponseDetails
The error response details.
| Name | Type | Description |
|---|---|---|
| errorCode |
string |
A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users. |
| message |
string |
A human readable representation of the error. |
| relatedResource |
The error related resource details. |
GatewayRole
A Gateway role. Additional gateway roles may be added over time.
| Value | Description |
|---|---|
| Admin |
Enables administrative access for the gateway. |
| ConnectionCreatorWithResharing |
Enables connection creator with resharing access for the gateway. |
| ConnectionCreator |
Enables connection creator access for the gateway. |
GatewayRoleAssignment
The gateway role assignment for a principal.
| Name | Type | Description |
|---|---|---|
| id |
string (uuid) |
The object ID of the gateway role assignment. |
| principal |
The principal. |
|
| role |
The gateway role of the principal. |
GroupDetails
Group specific details. Applicable when the principal type is Group.
| Name | Type | Description |
|---|---|---|
| groupType |
The type of the group. Additional group types may be added over time. |
GroupType
The type of the group. Additional group types may be added over time.
| Value | Description |
|---|---|
| Unknown |
Principal group type is unknown. |
| SecurityGroup |
Principal is a security group. |
| DistributionList |
Principal is a distribution list. |
Principal
Represents an identity or a Microsoft Entra group.
| Name | Type | Description |
|---|---|---|
| displayName |
string |
The principal's display name. |
| groupDetails |
Group specific details. Applicable when the principal type is |
|
| id |
string (uuid) |
The principal's ID. |
| servicePrincipalDetails |
Service principal specific details. Applicable when the principal type is |
|
| servicePrincipalProfileDetails |
Service principal profile details. Applicable when the principal type is |
|
| type |
The type of the principal. Additional principal types may be added over time. |
|
| userDetails |
User principal specific details. Applicable when the principal type is |
PrincipalType
The type of the principal. Additional principal types may be added over time.
| Value | Description |
|---|---|
| User |
Principal is a Microsoft Entra user principal. |
| ServicePrincipal |
Principal is a Microsoft Entra service principal. |
| Group |
Principal is a security group. |
| ServicePrincipalProfile |
Principal is a service principal profile. |
| EntireTenant |
Principal represents all tenant users. |
ServicePrincipalDetails
Service principal specific details. Applicable when the principal type is ServicePrincipal.
| Name | Type | Description |
|---|---|---|
| aadAppId |
string (uuid) |
The service principal's Microsoft Entra AppId. |
ServicePrincipalProfileDetails
Service principal profile details. Applicable when the principal type is ServicePrincipalProfile.
| Name | Type | Description |
|---|---|---|
| parentPrincipal |
The service principal profile's parent principal. |
UserDetails
User principal specific details. Applicable when the principal type is User.
| Name | Type | Description |
|---|---|---|
| userPrincipalName |
string |
The user principal name. |