From fabric-skills
Inspects alerts, notifications, and activators in Microsoft Fabric via read-only `az rest` CLI calls. Lists workspace alerts, decodes Reflex definitions, examines rules/sources/actions.
npx claudepluginhub microsoft/skills-for-fabric --plugin skills-for-fabricThis skill uses the workspace's default tool permissions.
> **Update Check — ONCE PER SESSION (mandatory)**
Authors alerts, notifications, and automated actions on Microsoft Fabric data/events via REST API and az rest CLI. Manages Eventhouse/Eventstream triggers, Teams/email actions, and threshold adjustments.
Monitors tenant-wide Power Automate flows via FlowStudio MCP cached store: failure rates, run-health trends, maker/app inventory, inactive owners, compliance/health reports. For aggregated views only.
Manages LimaCharlie adapter lifecycle: creates, validates, deploys, troubleshoots configurations for data sources like Okta, S3, Azure Event Hub, syslog, webhooks. Researches from docs/GitHub.
Share bugs, ideas, or general feedback.
Update Check — ONCE PER SESSION (mandatory) The first time this skill is used in a session, run the check-updates skill before proceeding.
- GitHub Copilot CLI / VS Code: invoke the
check-updatesskill (e.g.,/fabric-skills:check-updates).- Claude Code / Cowork / Cursor / Windsurf / Codex: read the local
package.jsonversion, then compare it against the remote version viagit fetch origin main --quiet && git show origin/main:package.json(or the GitHub API). If the remote version is newer, show the changelog and update instructions.- Skip if the check was already performed earlier in this session.
CRITICAL NOTES
- To find the workspace details (including its ID) from workspace name: list all workspaces and, then, use JMESPath filtering
- To find the item details (including its ID) from workspace ID, item type, and item name: list all items of that type in that workspace and, then, use JMESPath filtering
| Tool | Purpose | Install |
|---|---|---|
| az cli | Fabric REST API calls for reading Activator items and definitions | winget install Microsoft.AzureCLI |
| jq | JSON processing, Base64 decoding, definition inspection | winget install jqlang.jq |
Use the shared authentication guidance in COMMON-CLI.md § Authentication Recipes. Resolve workspace and item IDs per COMMON-CLI.md § Finding Workspaces and Items in Fabric. Examples below assume WS_ID and REFLEX_ID are already resolved.
az rest --method GET \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes" \
--resource "https://api.fabric.microsoft.com" \
| jq '.value[] | {id, displayName, description}'
Required scopes: Workspace.Read.All or Workspace.ReadWrite.All
For workspaces with many items, follow the continuationUri returned in each response:
NEXT_URL="https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes"
while [ -n "$NEXT_URL" ]; do
RESPONSE=$(az rest --method GET \
--url "$NEXT_URL" \
--resource "https://api.fabric.microsoft.com")
echo "$RESPONSE" | jq '.value[] | {id, displayName, description}'
NEXT_URL=$(echo "$RESPONSE" | jq -r '.continuationUri // empty')
done
az rest --method GET \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes?recursive=true&rootFolderId=${FOLDER_ID}" \
--resource "https://api.fabric.microsoft.com" \
| jq '.value[] | {id, displayName}'
az rest --method GET \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes/${REFLEX_ID}" \
--resource "https://api.fabric.microsoft.com" \
| jq '{id, displayName, description, type, workspaceId}'
getDefinitionis a POST (not GET), requires ReadWrite scopes (Reflex.ReadWrite.AllorItem.ReadWrite.All) even for read-only inspection, and may return 202 LRO. Use thefabric_lrohelper from COMMON-CLI.md § Long-Running Operations (LRO) Pattern so 202 responses can be polled via theLocationheader before decoding.
DEFINITION=$(fabric_lro POST \
"https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes/${REFLEX_ID}/getDefinition" \
'{}')
echo "$DEFINITION" \
| jq '.definition.parts[] | select(.path=="ReflexEntities.json") | .payload' -r \
| base64 -d | jq .
DEFINITION=$(fabric_lro POST \
"https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes/${REFLEX_ID}/getDefinition" \
'{}')
echo "$DEFINITION" \
| jq '.definition.parts[] | select(.path=="ReflexEntities.json") | .payload' -r \
| base64 -d | jq . > reflex-entities.json
Once you have the decoded ReflexEntities.json, use jq to extract specific components.
cat reflex-entities.json | jq '[.[] | .type] | sort | group_by(.) | map({type: .[0], count: length})'
cat reflex-entities.json | jq '.[] | select(.type | endswith("Source-v1")) | {name: .payload.name, type: .type, id: .uniqueIdentifier}'
cat reflex-entities.json | jq '.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Rule") | {name: .payload.name, id: .uniqueIdentifier, shouldRun: .payload.definition.settings.shouldRun}'
# Objects
cat reflex-entities.json | jq '.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Object") | {name: .payload.name, id: .uniqueIdentifier}'
# Attributes for a specific object
OBJECT_ID="<object-guid>"
cat reflex-entities.json | jq --arg oid "$OBJECT_ID" '.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Attribute" and .payload.parentObject.targetUniqueIdentifier == $oid) | {name: .payload.name, id: .uniqueIdentifier}'
RULE_ID="<rule-guid>"
cat reflex-entities.json \
| jq --arg rid "$RULE_ID" '.[] | select(.uniqueIdentifier == $rid) | .payload.definition.instance' -r \
| jq '.steps[] | {step: .name, rows: [.rows[] | .kind]}'
cat reflex-entities.json | jq '.[] | select(.type == "fabricItemAction-v1") | {name: .payload.name, itemType: .payload.fabricItem.itemType, itemId: .payload.fabricItem.itemId}'
Get a high-level overview of an Activator's configuration:
cat reflex-entities.json | jq '{
containers: [.[] | select(.type == "container-v1") | .payload.name],
sources: [.[] | select(.type | endswith("Source-v1")) | {name: .payload.name, type: .type}],
objects: [.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Object") | .payload.name],
rules: [.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Rule") | {name: .payload.name, active: .payload.definition.settings.shouldRun}],
actions: [.[] | select(.type == "fabricItemAction-v1") | {name: .payload.name, type: .payload.fabricItem.itemType}]
}'
--resource https://api.fabric.microsoft.com with az rest--body '{}' for getDefinition — it is a POST and omitting the body can cause 411 errorsgetDefinition may return 202; poll the Location headerReflexEntities.json payload before inspection — it is Base64-encoded in the API responsedefinition.instance field in rule entities — it is a JSON-encoded string, not a nested objectjq locallygetDefinition — it is a POST endpoint; GET will return 405# Step 1: List activators
az rest --method GET \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes" \
--resource "https://api.fabric.microsoft.com" \
| jq '.value[] | {id, displayName}'
# Step 2: For a specific activator, get and decode its definition
az rest --method POST \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes/${REFLEX_ID}/getDefinition" \
--resource "https://api.fabric.microsoft.com" \
--headers "Content-Type=application/json" \
--body '{}' \
| jq '.definition.parts[] | select(.path=="ReflexEntities.json") | .payload' -r \
| base64 -d \
| jq '.[] | select(.type == "timeSeriesView-v1" and .payload.definition.type == "Rule") | {name: .payload.name, active: .payload.definition.settings.shouldRun}'
# Decode definition and extract rule details
az rest --method POST \
--url "https://api.fabric.microsoft.com/v1/workspaces/${WS_ID}/reflexes/${REFLEX_ID}/getDefinition" \
--resource "https://api.fabric.microsoft.com" \
--headers "Content-Type=application/json" \
--body '{}' \
| jq '.definition.parts[] | select(.path=="ReflexEntities.json") | .payload' -r \
| base64 -d \
| jq '.[] | select(.payload.name == "Too hot for medicine") | .payload.definition.instance' -r \
| jq '.steps[] | {step: .name, details: .rows}'
Activation history (when rules fired) is not available via the public REST API. It is accessible via the Activator MCP server using the get_activations_for_rule tool.
Use the shared authentication guidance in COMMON-CLI.md § Authentication Recipes before connecting to the Activator MCP endpoint.
pip install mcp httpx azure-identity aiohttp
uniqueIdentifierget_activations_for_rule with the rule IDThe Activator MCP endpoint is at:
https://api.fabric.microsoft.com/v1/mcp/workspaces/{workspaceId}/reflexes/{activatorId}
Use the shared Fabric API authentication guidance from COMMON-CORE.md § Authentication & Token Acquisition. MCP clients should rely on standard Azure identity flows and must not hardcode tokens.
get_activations_for_ruleConnect using the MCP streamable_http_client, then call the tool:
from mcp import ClientSession
from mcp.client.streamable_http import streamable_http_client
# After connecting and initializing the session:
result = await session.call_tool(
"get_activations_for_rule",
{
"getActivationsParams": {
"workspaceId": "<workspace-id>",
"artifactId": "<activator-id>",
"ruleId": "<rule-uniqueIdentifier>",
}
},
)
The response contains totalCount and an activations array with details of each time the rule fired.
| Tool | Purpose |
|---|---|
list_rules | List rules in an Activator (alternative to public API decode) |
get_activations_for_rule | Get activation history for a specific rule |
/reflexes) for listing and getDefinition for inspectionaz rest with the Fabric API audiencegetDefinition requires ReadWrite scopes even for read-only access — this is a known API requirement