Authentication User Credentials
Contents
Description
Use delegated access (User Credentials) whenever you want to let a signed-in user work with their own resources or resources they can access. Whether it's an admin setting up policies for their entire organization or a user deleting an email in their inbox, all scenarios involving user actions should use delegated access. [API reference]
Instructions
Follow these simple steps below to create Microsoft Entra ID application with delegated access:
automation@my-company.com).
When you use a personal account which is tied to a specific employee profile and that employee leaves the company,
the token may become invalid and any automated processes using that token will start to fail.
- Navigate to the Azure Portal and log in using your credentials.
- Access Microsoft Entra ID.
-
Register a new application by going to App registrations and clicking on New registration button:
INFO: Find more information on how to register an application in Graph API reference. -
When configuration window opens, configure these fields:
-
Supported account type
- Use
Accounts in this organizational directory only, if you need access to data in your organization only.
- Use
-
Supported account type
-
Redirect URI:
- Set the type to
Public client/native (mobile & desktop). - Use
https://zappysys.com/oauthas the URL.
- Set the type to
-
After registering the app, copy the Application (client) ID for later:
-
Copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs to use later in the configuration:
-
Now go to SSIS package or ODBC data source and use the copied values in User Credentials authentication configuration:
- In the Authorization URL field paste the OAuth authorization endpoint (v2) URL value you copied in the previous step.
- In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
- In the Client ID field paste the Application (client) ID value you copied in the previous step.
-
In the Scope field use the default value or select individual scopes, e.g.:
-
offline_access -
https://analysis.windows.net/powerbi/api/Workspace.Read.All -
https://analysis.windows.net/powerbi/api/Dataset.Read.All -
https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All
-
- Press Generate Token button to generate Access and Refresh Tokens.
- Click Test Connection to confirm the connection is working.
- Optional step. Choose Default Workspace from the drop down menu.
- Choose Default Dataset from the drop down menu.
- Done! Now you are ready to use the API Connector!
Parameters
| Parameter | Label | Required | Default value | Options | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AuthUrl | Authorization URL | YES |
|
|
|||||||||||
| TokenUrl | Token URL | YES |
|
|
|||||||||||
| ClientId | Client ID | YES |
|
||||||||||||
| Scope | Scope | YES |
offline_access~https://analysis.windows.net/powerbi/api/Workspace.Read.All~https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All
|
|
|
||||||||||
| DatasetId | Default Dataset (select after generating tokens) | YES |
|
||||||||||||
| ClientSecret | Client Secret |
|
|||||||||||||
| ReturnUrl | Redirect URI (must match App Redirect URI) |
|
|
||||||||||||
| WorkspaceId | Default Workspace (Keep Empty for My Workspace - select after generating tokens) |
|
|||||||||||||
| RetryMode | RetryMode |
RetryWhenStatusCodeMatch
|
|
|
|||||||||||
| RetryStatusCodeList | RetryStatusCodeList |
429|503
|
|
||||||||||||
| RetryCountMax | RetryCountMax |
20
|
|
||||||||||||
| RetryWaitTimeMs | RetryWaitTimeMs |
1000
|
|
||||||||||||
| RetryMultiplyWaitTime | RetryMultiplyWaitTime |
True
|
|
||||||||||||
| ExtraAttributesForAuthRequest | Login options |
|
|