Using a Service Principal to get all Entra ID Group Members into JSON File using a Python Notebook – FourMoo | Fabric

September 18, 2024 admin Power BI 0


Using a Service Principal to get all Entra ID Group Members into JSON File using a Python Notebook

Sometimes it is useful to get all Group Members into a JSON file so that this could be used for reporting purposes.

Reference Notebook: Get Entra ID Group Members – Power BI

In the steps below I will show you how I did this using a Notebook.

The first part is where I needed to setup and configure the Service Principal Permissions.

The second part is where I am using my Notebook to query and extract the data to a JSON file in my Lakehouse.

Service Principal Permissions

I am using my existing Power BI Service Principal, where I will then add the permissions required to query Entra ID Group and group members.

NOTE: To complete the steps below I had to log in with Admin permissions in Azure to grant the required permissions.

Next, I had to grant permission for my service principal to get the Directory Readers role.

NOTE: If this role is not added the later steps will fail due to not having enough privileges.

Python Code to get all group members from all groups

The code below was created by ChatGPT, where I modified it to save the JSON file into my Lakehouse Files section.

I am going to explain the pieces of code I think are important below.

I will also have a link to the notebook where you can download the notebook to run in your own Fabric environment.

Fabric/BLOG – Entra ID All Group Members.ipynb at main · GilbertQue/Fabric (github.com)

  • The first part is where I am getting the credentials from my Key Vault.
  • A screenshot of a computer code Description automatically generated
  • The next code cell there are 2 area’s where you might want to change.
  • LINE 60:
    • Here I wanted to add the jobTitle and companyName attributes from Entra ID so I added them in.
  • LINE 72:
    • This is the location where I wanted to save the JSON file to in my Lakehouse where I created the folder.

This is what it looks like when I run the notebook.

A screenshot of a computer Description automatically generated

Summary

In this blog post I have shown you how to configure your Service Principal so that it will be able to read the Entra ID Group and associated members. You can then download the JSON file to your Lakehouse, which can be later used for reporting or analysis in your Lakehouse or in a Power BI Sematic Model.

Thanks for reading I hope you found this helpful!



Source link

Be the first to comment

Leave a Reply

Your email address will not be published.


*