Public/Set-FabricApiAuthToken.ps1
|
function Set-FabricApiAuthToken { <# .SYNOPSIS Set authentication token for the Fabric service. .DESCRIPTION This function authenticates with Azure and acquires a token for Microsoft Fabric API access. It supports multiple authentication methods including service principal, credential object, and interactive device authentication. The acquired token is stored in a script-level variable for use by other functions in the module. .PARAMETER servicePrincipalId The service principal ID for service principal authentication. .PARAMETER servicePrincipalSecret The service principal secret for service principal authentication. .PARAMETER credential A PSCredential object for credential-based authentication. .PARAMETER tenantId The Azure AD tenant ID where the authentication will occur. .PARAMETER reset Switch to force a reset of the current authentication context. .PARAMETER apiUrl The URL for the Fabric API. Sets the script-level variable FabricApiUrl. .EXAMPLE PS C:\> Set-FabricApiAuthToken -servicePrincipalId "11111111-1111-1111-1111-111111111111" -servicePrincipalSecret "YourSecret" -tenantId "22222222-2222-2222-2222-222222222222" Authenticates using a service principal. .EXAMPLE PS C:\> $cred = Get-Credential PS C:\> Set-FabricApiAuthToken -credential $cred -tenantId "22222222-2222-2222-2222-222222222222" Authenticates using a credential object. .EXAMPLE PS C:\> Set-FabricApiAuthToken Prompts for interactive device authentication. .NOTES Requires the Az PowerShell module to be installed and available. Uses a script-level variable $FabricResourceUrl which must be defined elsewhere in the module. #> [CmdletBinding()] param ( [Parameter(Mandatory=$true, ParameterSetName='ServicePrincipal')] [string]$servicePrincipalId , [Parameter(Mandatory=$true, ParameterSetName='ServicePrincipal')] [SecureString]$servicePrincipalSecret , [Parameter(Mandatory=$true, ParameterSetName='Credential')] [PSCredential]$credential , [Parameter(Mandatory=$true, ParameterSetName='ServicePrincipal')] [Parameter(Mandatory=$true, ParameterSetName='Credential')] [string]$tenantId , [Parameter(ParameterSetName='Interactive')] [Parameter(ParameterSetName='ServicePrincipal')] [Parameter(ParameterSetName='Credential')] [switch]$reset , [Parameter(ParameterSetName='Interactive')] [Parameter(ParameterSetName='ServicePrincipal')] [Parameter(ParameterSetName='Credential')] [string]$apiUrl ) if (!$reset) { $azContext = Get-AzContext } if ($apiUrl) { $varFabricResourceUrl = $apiUrl } else{ $varFabricResourceUrl = $FabricResourceUrl } if (!$azContext) { Write-Log "Getting authentication token" try { if ($servicePrincipalId) { $credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $servicePrincipalId, $servicePrincipalSecret Connect-AzAccount -ServicePrincipal -TenantId $tenantId -Credential $credential | Out-Null Set-AzContext -Tenant $tenantId | Out-Null } elseif ($credential -ne $null) { Connect-AzAccount -Credential $credential -Tenant $tenantId | Out-Null } else { Connect-AzAccount -UseDeviceAuthentication | Out-Null } $azContext = Get-AzContext } catch { Write-Error "Failed to authenticate with Azure. Please check your credentials and try again." return } } Write-Log "Connnected: $($azContext.Account)" $script:fabricToken = (Get-AzAccessToken -ResourceUrl $varFabricResourceUrl -AsSecureString ).Token } |