Users - List Access Entities
Note
This API is in preview.
Returns a list of permission details for Fabric and PowerBI items the specified user can access.
This API supports pagination. A maximum of 10,000 records can be returned per request. With the continuous token provided in the response, you can get the next 10,000 records.
Page order:
- Fabric items
- Datamarts
- Reports
- Dashboards
- SemanticModels
- Apps
- Dataflows
Permissions
The caller must be a Fabric administrator or authenticate using a service principal.
Required Delegated Scopes
Tenant.Read.All or Tenant.ReadWrite.All
Limitations
Maximum 200 requests per hour.
Microsoft Entra supported identities
This API supports the Microsoft identities listed in this section.
| Identity | Support |
|---|---|
| User | Yes |
| Service principal and Managed identities | Yes |
Interface
GET https://api.fabric.microsoft.com/v1/admin/users/{userId}/accessGET https://api.fabric.microsoft.com/v1/admin/users/{userId}/access?type={type}&continuationToken={continuationToken}URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
user
|
path | True |
string |
The user graph ID or User Principal Name (UPN). |
|
continuation
|
query |
string |
Continuous token used to get the next page items. |
|
|
type
|
query |
string |
The item type. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
The operation was successful. |
|
| Other Status Codes |
Common error codes:
|
Examples
| List item access details by graph ID and type query parameter example |
| List item access details by graph ID example |
| List item access details by User Principal Name (UPN) example |
List item access details by graph ID and type query parameter example
Sample request
GET https://api.fabric.microsoft.com/v1/admin/users/f089354e-8366-4e18-aea3-4cb4a3a50b48/access?type=Report
Sample response
{
"accessEntities": [
{
"id": "17d8929d-ab32-46d1-858b-fdea74e93bf2",
"displayName": "Test Report",
"category": "Item",
"itemAccessDetails": {
"type": "Report",
"permissions": [
"Read",
"Reshare"
],
"additionalPermissions": [
"ReadAll",
"viewOutput"
]
}
}
],
"continuationUri": null,
"continuationToken": null
}List item access details by graph ID example
Sample request
GET https://api.fabric.microsoft.com/v1/admin/users/f089354e-8366-4e18-aea3-4cb4a3a50b48/access
Sample response
{
"accessEntities": [
{
"id": "17d8929d-ab32-46d1-858b-fdea74e93bf2",
"displayName": "TestNotebook",
"category": "Item",
"itemAccessDetails": {
"type": "Notebook",
"permissions": [
"Read",
"Reshare",
"Explore"
],
"additionalPermissions": [
"ReadAll",
"viewOutput"
]
}
}
],
"continuationUri": "https://api.fabric.microsoft.com/v1/admin/users/f3052d1c-61a9-46fb-8df9-0d78916ae041/access/?continuationToken=MSwxMDAwMCww",
"continuationToken": "MSwxMDAwMCww"
}List item access details by User Principal Name (UPN) example
Sample request
GET https://api.fabric.microsoft.com/v1/admin/users/Test@Contoso.com/access
Sample response
{
"accessEntities": [
{
"id": "17d8929d-ab32-46d1-858b-fdea74e93bf2",
"displayName": "TestNotebook",
"category": "Item",
"itemAccessDetails": {
"type": "Notebook",
"permissions": [
"Read",
"Reshare",
"Explore"
],
"additionalPermissions": [
"ReadAll",
"viewOutput"
]
}
}
],
"continuationUri": "https://api.fabric.microsoft.com/v1/admin/users/f3052d1c-61a9-46fb-8df9-0d78916ae041/access/?continuationToken=MSwxMDAwMCww",
"continuationToken": "MSwxMDAwMCww"
}Definitions
| Name | Description |
|---|---|
|
Access |
Access details for the given user. |
|
Access |
A list of entities and permissions. |
| Category |
The category of the item type. Additional category types may be added over time. |
|
Error |
The error related resource details object. |
|
Error |
The error response. |
|
Error |
The error response details. |
|
Item |
Item permission details such as read and reshare. |
|
Item |
Item permissions. Additional item permissions may be added over time. |
|
Item |
The type of the item. Additional item types may be added over time. |
AccessEntity
Access details for the given user.
| Name | Type | Description |
|---|---|---|
| category |
Entity category such as item. |
|
| displayName |
string |
Entity name. |
| id |
string (uuid) |
The object ID of the entity. |
| itemAccessDetails |
Item permissions. |
|
| type |
string |
Entity type. |
AccessEntityResponse
A list of entities and permissions.
| Name | Type | Description |
|---|---|---|
| accessEntities |
A list of users with access to an entity. |
|
| continuationToken |
string |
The token for the next result set batch. If there are no more records, it's removed from the response. |
| continuationUri |
string |
The URI of the next result set batch. If there are no more records, it's removed from the response. |
Category
The category of the item type. Additional category types may be added over time.
| Value | Description |
|---|---|
| Item |
Fabric items such as Notebook, Synapse and KQL Database. |
ErrorRelatedResource
The error related resource details object.
| Name | Type | Description |
|---|---|---|
| resourceId |
string |
The resource ID that's involved in the error. |
| resourceType |
string |
The type of the resource that's involved in the error. |
ErrorResponse
The error response.
| Name | Type | Description |
|---|---|---|
| errorCode |
string |
A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users. |
| message |
string |
A human readable representation of the error. |
| moreDetails |
List of additional error details. |
|
| relatedResource |
The error related resource details. |
|
| requestId |
string |
ID of the request associated with the error. |
ErrorResponseDetails
The error response details.
| Name | Type | Description |
|---|---|---|
| errorCode |
string |
A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users. |
| message |
string |
A human readable representation of the error. |
| relatedResource |
The error related resource details. |
ItemAccessDetail
Item permission details such as read and reshare.
| Name | Type | Description |
|---|---|---|
| additionalPermissions |
string[] |
Workload permissions such as readAll and viewOutput. |
| permissions |
Item permissions such as read and reshare. |
|
| type |
Entity type. |
ItemPermissions
Item permissions. Additional item permissions may be added over time.
| Value | Description |
|---|---|
| Execute |
User can execute and cancel item jobs. |
| Explore |
User can build items on other items. |
| Read |
User can read the metadata about an item. |
| Reshare |
User can share an item with other users. |
| Write |
User can perform write operations on an item. |
ItemType
The type of the item. Additional item types may be added over time.
| Value | Description |
|---|---|
| ApacheAirflowJob |
An ApacheAirflowJob. |
| CopyJob |
A Copy job. |
| Dashboard |
PowerBI dashboard. |
| DataPipeline |
A data pipeline. |
| Dataflow |
A Dataflow. |
| Datamart |
PowerBI datamart. |
| DigitalTwinBuilder |
A DigitalTwinBuilder. |
| DigitalTwinBuilderFlow |
A Digital Twin Builder Flow. |
| Environment |
An environment. |
| Eventhouse |
An eventhouse. |
| Eventstream |
An eventstream. |
| GraphQLApi |
An API for GraphQL item. |
| KQLDashboard |
A KQL dashboard. |
| KQLDatabase |
A KQL database. |
| KQLQueryset |
A KQL queryset. |
| Lakehouse |
A lakehouse. |
| MLExperiment |
A machine learning experiment. |
| MLModel |
A machine learning model. |
| MirroredAzureDatabricksCatalog |
A mirrored azure databricks catalog. |
| MirroredDatabase |
A mirrored database. |
| MirroredWarehouse |
A mirrored warehouse. |
| MountedDataFactory |
A MountedDataFactory. |
| Notebook |
A notebook. |
| PaginatedReport |
PowerBI paginated report. |
| Reflex |
A Reflex. |
| Report |
PowerBI report. |
| SQLDatabase |
A SQLDatabase. |
| SQLEndpoint |
An SQL endpoint. |
| SemanticModel |
PowerBI semantic model. |
| SparkJobDefinition |
A spark job definition. |
| VariableLibrary |
A VariableLibrary. |
| Warehouse |
A warehouse. |
| WarehouseSnapshot |
A Warehouse snapshot. |