Please enter your information to subscribe to the Microsoft Fabric Blog.

Thanks for subscribing to the Microsoft Fabric Blog. You’ll receive email notifications when we publish new posts.

Microsoft Fabric Updates Blog

  1. Updates
  2. All

Service principal support for Fabric Data Warehouse

Announcing a significant enhancement in the way you can authenticate and manage your Fabric Data Warehouses: the introduction of service principal (SPN) support. This new feature empowers developers and administrators to automate processes, streamline operations, and increase security for their data workflows.

Earlier we launched service principal support for various Microsoft Fabric items, including Lakehouses and Eventhouses. Now, this support extends to Fabric Data Warehouses, making it easier to connect, manage, and deploy warehouse solutions in a secure, scalable way without needing to rely on user identities.

What is a Service Principal?
An Azure service principal is a security identity used by applications or automation tools to access specific Azure resources. Unlike user identities, service principals are non-human, application-based identities that can be assigned precise permissions, making them perfect for automated processes or background services. By leveraging service principals, you can connect to your data sources securely while minimizing the risks of human error and identity-based vulnerabilities. To create a service principal, refer to Register a Microsoft Entra app and create a service principal.

Benefits of Service Principal Support for Fabric Data Warehouses
The extension of service principal support to Fabric Data Warehouses offers a range of significant benefits:

  • Automation-friendly API Access: You can now create, update, read, and delete Warehouse items via Fabric REST APIs using service principals. This enables you to automate repetitive tasks, such as provisioning or managing warehouses, without relying on user credentials, thereby increasing security by limiting human error.
    • If you use a delegated account or fixed identity (owner’s identity) to create the warehouse, the warehouse will use that credential while accessing Onelake. This creates a problem when the owner leaves the organization, because the warehouse will stop working. To avoid this, create warehouses using an SPN.
    • Fabric also requires the user to login every 30 days to ensure a valid token is provided for security reasons. In the case of data warehouse, this would be the owner that needs to login to Fabric every 30 days. This can now be automated using an SPN – by running the List API.
    • Warehouses created by an SPN using REST APIs will be displayed in the Workspace list view in Fabric UI, with the Owner name of the SPN. In the image below, ‘Fabric Public API test app’ is the SPN that created the Contoso Sales Warehouse.
  • Seamless Integration with Client Tools: Tools like SQL Server Management Studio (SSMS) can now connect to your Fabric Data Warehouses using service principals. Once connected to such tools, SPN provides secure access for developers to run COPY INTO (with and without firewall enabled storage), and also to run any T-SQL query programmatically on a schedule with Data Factory pipelines.
  • Granular Access Control: Warehouses can be shared with an SPN through the Fabric portal. Once shared, administrators can use T-SQL commands like GRANT to assign specific permissions to service principals, to control precisely which data and operations an SPN has access to.
    • Example: GRANT SELECT ON <table name> TO <Service principal name>  
  • Improved DevOps and CI/CD Integration: Development teams need to integrate data warehousing into their DevOps and Continuous Integration/Continuous Deployment (CI/CD) pipelines to ensure rapid and reliable delivery of data solutions. By using service principals, you can automate the deployment and management of data warehouse resources. This integration ensures faster, more reliable deployment processes while maintaining strong security postures.

Conclusion
The introduction of service principal support for Fabric Data Warehouses marks a significant step forward in enhancing security and automation in data management. By allowing applications and tools to access warehouses securely through SPNs, this feature reduces the reliance on human intervention, lowers the risk of security breaches, and improves the efficiency of your data workflows.

Explore this feature today to streamline your data management processes and elevate your Fabric experience. For details on pre-requisites and considerations, refer to Service principals in Fabric warehouse.

Related blog posts

Service principal support for Fabric Data Warehouse

Blog's featured image

Introducing new item creation experience in Fabric
June 17, 2025 by Dan Liu

Have you ever found yourself frustrated by inconsistent item creation? Maybe you’ve struggled to select the right workspace or folder when creating a new item or ended up with a cluttered workspace due to accidental item creation. We hear you—and we’re excited to introduce the new item creation experience in Fabric! This update is designed … Continue reading “Introducing new item creation experience in Fabric”

Read more
Blog's featured image

Result Set Caching for Microsoft Fabric Data Warehouse (Preview)
June 16, 2025 by Emily Tehrani

Result Set Caching is now available in preview for Microsoft Fabric Data Warehouse and Lakehouse SQL analytics endpoint. This performance optimization works transparently to cache the results of eligible T-SQL queries. When the same query is issued again, it directly retrieves the stored result, instead of recompiling and recomputing the original query. This operation drastically … Continue reading “Result Set Caching for Microsoft Fabric Data Warehouse (Preview)”

Read more