![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 90%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
Azure SQL Database
An Azure relational database service.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Yep, Microsoft Fabric supports mirroring Azure SQL databases, even if the source database resides in a different Entra ID tenant — as long as:
- The customer has appropriate delegated or service principal-based access to your Azure SQL database.
- Cross-tenant data access and authentication are correctly configured.
- Private endpoints, firewall, and networking configurations allow the communication.
- The Mirroring feature in Microsoft Fabric supports cross-tenant sources.
For this to work, you'd need to set up:
- Cross-tenant access configuration
- Your Entra ID tenant must allow external identities (from the customer's tenant) to access the Azure SQL DB.
- This usually involves:
- Adding the customer’s Microsoft Entra ID tenant as a guest.
- Granting appropriate RBAC roles to the service principal or user they will use.
- Or giving the customer a dedicated user/service principal in your tenant for least privilege access.
- Authentication support
Microsoft Fabric currently supports:
- Entra ID interactive authentication
- Service principal authentication
Your customer can configure a service principal in their own tenant and have it granted access to your Azure SQL DB.
Note that fabric mirroring requires OAuth-based authentication. SQL authentication (user/password) is not supported.
- Networking
- Your Azure SQL Server must allow Azure services or the customer's specific IP ranges.
- If private endpoints are used, extra configuration is needed, such as:
- Private DNS zone peering
- Allowing traffic from the customer’s tenant via VNet peering or VPN.
- Mirroring in Fabric
Once access is configured:
- In Fabric, the customer would configure Data Factory mirroring, and select Azure SQL Database as the source.
- Provide the connection information and authentication details.
- Initiate the mirroring setup and ingestion process.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 60%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)