Microsoft Entra Service Principal authentication is the secure authentication used in Fabric Migration workload. After creating service principal, you can use it in multiple Fabric Migration projects.

Setting up service principal

1. Create new enterprise application in Azure portal
   1. You may need to be given additional permissions, such as Application Administrator
   2. Pick the "Register an application to integrate with Microsoft Entra ID (App you're developing)" type
   3. Note its name, application id and object id
   4. Go to App registrations, find your application in All applications, enter
   5. Go to "Certificates & secrets", create a certificate, save it

Enabling service principal in your Fabric tenant

1. Go to Fabric workspace, in the upper-right corner click Gears icon for settings
   1. Go to Admin portal
   2. In the Tenant settings, find Developer settings
   3. Enable the option "Service principals can use Fabric APIs"
2. Go to Fabric workspace, in the upper-right corner click Manage access
   1. + Add people or groups
   2. Type your app name and wait for the dropdown to display it - check that id matches
   3. Change the access type from Viewer to Contributor
   4. Click Add
   5. Go to your Fabric Warehouse, click ellipsis, Manage permissions. It must list your app as "Workspace Contributor"
   6. Again, click ellipsis, Copy SQL Connection String. You can use it to create the Fabric Warehouse connection.