Admin - Get Power BI Encryption Keys
Returns the encryption keys for the tenant.
Permissions
- The user must be a Fabric administrator or authenticate using a service principal.
- Delegated permissions are supported.
When running under service prinicipal authentication, an app must not have any admin-consent required premissions for Power BI set on it in the Azure portal.
Required Scope
Tenant.Read.All or Tenant.ReadWrite.All
Relevant only when authenticating via a standard delegated admin access token. Must not be present when authentication via a service principal is used.
Limitations
Maximum 200 requests per hour.
GET https://api.powerbi.com/v1.0/myorg/admin/tenantKeys
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK |
Examples
Example
Sample request
GET https://api.powerbi.com/v1.0/myorg/admin/tenantKeys
Sample response
{
"value": [
{
"id": "82d9a37a-2b45-4221-b012-cb109b8e30c7",
"name": "Contoso Sales",
"keyVaultKeyIdentifier": "https://contoso-vault2.vault.azure.net/keys/ContosoKeyVault/b2ab4ba1c7b341eea5ecaaa2wb54c4d2",
"isDefault": true,
"createdAt": "2019-04-30T21:35:15.867-07:00",
"updatedAt": "2019-04-30T21:35:15.867-07:00"
}
]
}
Definitions
Name | Description |
---|---|
Tenant |
Encryption key information |
Tenant |
Encryption keys information |
TenantKey
Encryption key information
Name | Type | Description |
---|---|---|
createdAt |
string |
The creation date and time of the encryption key |
id |
string |
The ID of the encryption key |
isDefault |
boolean |
Whether the encryption key is the default key for the entire tenant. Any newly created capacity inherits the default key. |
keyVaultKeyIdentifier |
string |
The URI that uniquely specifies the encryption key in Azure Key Vault |
name |
string |
The name of the encryption key |
updatedAt |
string |
The last update date and time of the encryption key |
TenantKeys
Encryption keys information
Name | Type | Description |
---|---|---|
odata.context |
string |
|
value |
Encryption keys |