Power BI Connector
Documentation
Version: 1
Documentation

Authentication :: User Credentials [OAuth]


Description

OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2. [API Help..]

Instructions

Firstly, login into Azure Portal and there create an OAuth application:

  1. Go to Azure Portal and login there.
  2. Then go to Azure Active Directory.
  3. On the left side click menu item App registrations
  4. Then proceed with clicking New registration.
  5. Enter a name for your application.
  6. Select the account types to support with the Supported account types option.
  7. In Redirect URI, select Web.
  8. In the textbox enter https://zappysys.com/oauth as the Redirect URI or another valid redirect URL.
  9. Use this same Redirect URI in the Redirect URI (must match App Redirect URL) grid row.
  10. Copy Client ID and paste it into the API Connection Manager configuration grid in the Client ID row.
  11. Click on the Endpoints link and copy the OAuth 2.0 authorization endpoint (v2) URL to the Authorization URL grid row. Usually it looks similar to this:
    • https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/authorize
  12. Copy the OAuth 2.0 token endpoint (v2) URL to the Token URL grid row. Usually it looks similar to this:
    • https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token
  13. Close "Endpoints" popup and create a Client Secret in the Certificates & secrets tab.
  14. Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
  15. Now lets setup permissions for the app. Click on API Permissions and on the page click Plus Sign Add Permission
  16. Click on Microsoft Graph API and then choose Delegated Permissions
  17. on Permission list page search or choose permissions as needed. We need to enable following Permissions from 2 Sections: Microsoft Graph API and Power BI Service.
  18. Make sure you have checked below permissions (If you do not need Write feature then you can skip Write scopes)
    offline_access
    Dataset.ReadWrite.All
    
  19. Click Generate Token to generate tokens.
  20. That's it!

Parameters

Parameter Label Required Options Description Help
AuthUrl Authorization URL YES
Option Value
For Single Tenant https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/authorize
For Multi Tenant https://login.microsoftonline.com/common/oauth2/v2.0/authorize
TokenUrl Token URL YES
Option Value
For Single Tenant https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/token
For Multi Tenant https://login.microsoftonline.com/common/oauth2/v2.0/token
ClientId Client ID YES
ClientSecret Client Secret NO
Scope Scope YES
Option Value
offline_access offline_access
https://analysis.windows.net/powerbi/api/Dataset.Read.All https://analysis.windows.net/powerbi/api/Dataset.Read.All
https://analysis.windows.net/powerbi/api/Workspace.Read.All https://analysis.windows.net/powerbi/api/Workspace.Read.All
https://analysis.windows.net/powerbi/api/Workspace.ReadWrite.All https://analysis.windows.net/powerbi/api/Workspace.ReadWrite.All
Permissions you want to use.
ReturnUrl Redirect URI (must match App Redirect URI) NO
Option Value
https://zappysys.com/oauth https://zappysys.com/oauth
The ReturnUrl must match the URL on the Authentication page for your Application (in Azure Portal, Azure Active Directory > App registrations > Application)
WorkspaceId Default Workspace (Keep Empty for My Workspace - select after generating tokens) NO Leave value empty to use your Power BI default Workspace
DatasetId Default Dataset (select after generating tokens) YES
RetryMode RetryMode NO
Option Value
None None
RetryAny RetryAny
RetryWhenStatusCodeMatch RetryWhenStatusCodeMatch
RetryStatusCodeList RetryStatusCodeList NO
RetryCountMax RetryCountMax NO
RetryWaitTimeMs RetryWaitTimeMs NO
RetryMultiplyWaitTime RetryMultiplyWaitTime NO
ExtraAttributesForAuthRequest Login options NO
Option Value
None
Force login prompt prompt=login
Force permission select prompt=consent
Choose this if you want to force login prompt or permission prompt. API Help