Delen via


Admin - Get Power BI Encryption Keys

Returns the encryption keys for the tenant.

Permissions

  • The user must be a Fabric administrator or authenticate using a service principal.
  • Delegated permissions are supported.

When running under service prinicipal authentication, an app must not have any admin-consent required premissions for Power BI set on it in the Azure portal.

Required Scope

Tenant.Read.All or Tenant.ReadWrite.All

Relevant only when authenticating via a standard delegated admin access token. Must not be present when authentication via a service principal is used.

Limitations

Maximum 200 requests per hour.

GET https://api.powerbi.com/v1.0/myorg/admin/tenantKeys

Responses

Name Type Description
200 OK

TenantKeys

OK

Examples

Example

Sample request

GET https://api.powerbi.com/v1.0/myorg/admin/tenantKeys

Sample response

{
  "value": [
    {
      "id": "82d9a37a-2b45-4221-b012-cb109b8e30c7",
      "name": "Contoso Sales",
      "keyVaultKeyIdentifier": "https://contoso-vault2.vault.azure.net/keys/ContosoKeyVault/b2ab4ba1c7b341eea5ecaaa2wb54c4d2",
      "isDefault": true,
      "createdAt": "2019-04-30T21:35:15.867-07:00",
      "updatedAt": "2019-04-30T21:35:15.867-07:00"
    }
  ]
}

Definitions

Name Description
TenantKey

Encryption key information

TenantKeys

Encryption keys information

TenantKey

Encryption key information

Name Type Description
createdAt

string

The creation date and time of the encryption key

id

string

The ID of the encryption key

isDefault

boolean

Whether the encryption key is the default key for the entire tenant. Any newly created capacity inherits the default key.

keyVaultKeyIdentifier

string

The URI that uniquely specifies the encryption key in Azure Key Vault

name

string

The name of the encryption key

updatedAt

string

The last update date and time of the encryption key

TenantKeys

Encryption keys information

Name Type Description
odata.context

string

value

TenantKey[]

Encryption keys