Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!

Reply
Anonymous
Not applicable

403 Error when trying to access REST API

Not sure if I'm just missing something. Trying to get to know the REST API, and I can't get past a 403 error.

 

The goal is for the user to click sign in, and then to load a list of their datasets. Sample here:

 

https://dashbi-encore.azurewebsites.net

 

Code:

 

var ADAL = new AuthenticationContext({
    instance: 'https://login.microsoftonline.com/',
    tenant: 'common', 
    clientId: 'ee4d167d-3a52-4578-b2f6-fd6fb8efb84a', 
    redirectUri: 'https://dashbi-encore.azurewebsites.net',
    callback: userSignedIn,
    popUp: true
});

function signIn() {
    ADAL.login();
}

function userSignedIn(err, token) {
    console.log('userSignedIn called');
    if (!err) {

        showWelcomeMessage();

        var trythis = "Bearer " + token;
        var request = new XMLHttpRequest();

        request.open('GET', 'https://api.powerbi.com/v1.0/myorg/datasets');

        request.setRequestHeader('Authorization', trythis);

        request.onreadystatechange = function() {
            if (this.readyState === 4) {
                console.log('Status:', this.status);
                console.log('Body:', this.responseText);
            }
        };

        request.send();
    } else {
        console.error("error: " + err);
    }
}

function showWelcomeMessage() {
    var user = ADAL.getCachedUser();
    var divWelcome = document.getElementById('WelcomeMessage');
    divWelcome.innerHTML = "Welcome " + user.profile.name;
}

I seem to do fine getting the token from AD - and I pass it through in the header of my API request as instructed - but it just won't take. I have correctly created my application and requested the proper permissions (tried via multiple different portals) .

1 ACCEPTED SOLUTION
Eric_Zhang
Employee
Employee


@Anonymous wrote:

Not sure if I'm just missing something. Trying to get to know the REST API, and I can't get past a 403 error.

 

The goal is for the user to click sign in, and then to load a list of their datasets. Sample here:

 

https://dashbi-encore.azurewebsites.net

 

Code:

 

var ADAL = new AuthenticationContext({
    instance: 'https://login.microsoftonline.com/',
    tenant: 'common', 
    clientId: 'ee4d167d-3a52-4578-b2f6-fd6fb8efb84a', 
    redirectUri: 'https://dashbi-encore.azurewebsites.net',
    callback: userSignedIn,
    popUp: true
});

function signIn() {
    ADAL.login();
}

function userSignedIn(err, token) {
    console.log('userSignedIn called');
    if (!err) {

        showWelcomeMessage();

        var trythis = "Bearer " + token;
        var request = new XMLHttpRequest();

        request.open('GET', 'https://api.powerbi.com/v1.0/myorg/datasets');

        request.setRequestHeader('Authorization', trythis);

        request.onreadystatechange = function() {
            if (this.readyState === 4) {
                console.log('Status:', this.status);
                console.log('Body:', this.responseText);
            }
        };

        request.send();
    } else {
        console.error("error: " + err);
    }
}

function showWelcomeMessage() {
    var user = ADAL.getCachedUser();
    var divWelcome = document.getElementById('WelcomeMessage');
    divWelcome.innerHTML = "Welcome " + user.profile.name;
}

I seem to do fine getting the token from AD - and I pass it through in the header of my API request as instructed - but it just won't take. I have correctly created my application and requested the proper permissions (tried via multiple different portals) .


@Anonymous

The 403 error is caused by calling the Power BI get datasets API with an id_token where an acess token is required. Per the ADAL JS lib, to get the access token, you'll have to call ADAL.acquireToken function after login. So you'll need something like

 

 

showWelcomeMessage();

ADAL.acquireToken("https://analysis.windows.net/powerbi/api",function(token){
 
  
		  var trythis = "Bearer " + token;

                  var request = new XMLHttpRequest();

                  request.open('GET', 'https://api.powerbi.com/v1.0/myorg/datasets');

                  request.setRequestHeader('Authorization', trythis);

                  request.onreadystatechange = function () {
                    if (this.readyState === 4) {
                      console.log('Status:', this.status);
                      console.log('Body:', this.responseText);
                    }
                  };

                  request.send();


});

 

Since your question is actually related to Azure AD development, for further questions, I'd suggest you post in the dedicated AAD forum.

 

 

 

View solution in original post

5 REPLIES 5
Eric_Zhang
Employee
Employee


@Anonymous wrote:

Not sure if I'm just missing something. Trying to get to know the REST API, and I can't get past a 403 error.

 

The goal is for the user to click sign in, and then to load a list of their datasets. Sample here:

 

https://dashbi-encore.azurewebsites.net

 

Code:

 

var ADAL = new AuthenticationContext({
    instance: 'https://login.microsoftonline.com/',
    tenant: 'common', 
    clientId: 'ee4d167d-3a52-4578-b2f6-fd6fb8efb84a', 
    redirectUri: 'https://dashbi-encore.azurewebsites.net',
    callback: userSignedIn,
    popUp: true
});

function signIn() {
    ADAL.login();
}

function userSignedIn(err, token) {
    console.log('userSignedIn called');
    if (!err) {

        showWelcomeMessage();

        var trythis = "Bearer " + token;
        var request = new XMLHttpRequest();

        request.open('GET', 'https://api.powerbi.com/v1.0/myorg/datasets');

        request.setRequestHeader('Authorization', trythis);

        request.onreadystatechange = function() {
            if (this.readyState === 4) {
                console.log('Status:', this.status);
                console.log('Body:', this.responseText);
            }
        };

        request.send();
    } else {
        console.error("error: " + err);
    }
}

function showWelcomeMessage() {
    var user = ADAL.getCachedUser();
    var divWelcome = document.getElementById('WelcomeMessage');
    divWelcome.innerHTML = "Welcome " + user.profile.name;
}

I seem to do fine getting the token from AD - and I pass it through in the header of my API request as instructed - but it just won't take. I have correctly created my application and requested the proper permissions (tried via multiple different portals) .


@Anonymous

The 403 error is caused by calling the Power BI get datasets API with an id_token where an acess token is required. Per the ADAL JS lib, to get the access token, you'll have to call ADAL.acquireToken function after login. So you'll need something like

 

 

showWelcomeMessage();

ADAL.acquireToken("https://analysis.windows.net/powerbi/api",function(token){
 
  
		  var trythis = "Bearer " + token;

                  var request = new XMLHttpRequest();

                  request.open('GET', 'https://api.powerbi.com/v1.0/myorg/datasets');

                  request.setRequestHeader('Authorization', trythis);

                  request.onreadystatechange = function () {
                    if (this.readyState === 4) {
                      console.log('Status:', this.status);
                      console.log('Body:', this.responseText);
                    }
                  };

                  request.send();


});

 

Since your question is actually related to Azure AD development, for further questions, I'd suggest you post in the dedicated AAD forum.

 

 

 

@Anonymous, you managed to get this working?

Anonymous
Not applicable

Yes I did, but not on my own. I ended up using this 

 

https://github.com/Azure-Samples/active-directory-javascript-singlepageapp-dotnet-webapi

 

And modifying it to request Power BI permissions/make Power BI API requests. I suggest anyone else having issues tries out this example before attempting their own implementation. I believe that the issue with my code was as suggested, not calling ADAL.acquireToken.

@Anonymous, Thanks for the response.

Will you be able to share the sample project for authenticating to powerbi? 

Anonymous
Not applicable

It's here right now, though I might take it down in the future.

 

https://dashbi-encore.azurewebsites.net

 

Log in, and then visit the "Todo list" tab. Watch the javascript console... you should see a list of your datasets appear.

Helpful resources

Announcements
April AMA free

Microsoft Fabric AMA Livestream

Join us Tuesday, April 09, 9:00 – 10:00 AM PST for a live, expert-led Q&A session on all things Microsoft Fabric!

March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.