Eric, in preparing to reply to you I finally discovered the problem. In my C# code I was sending the HTTP request like this:
HttpWebRequest request = CreatePowerBiApiRequest("groups/{groupId}/reports", accessToken);What I realized today is that I forgot the $ at the beginning of the string so that the string interpolation would occur. It should have been like this:
HttpWebRequest request = CreatePowerBiApiRequest($"groups/{groupId}/reports", accessToken);So the request was just statically sending the string "{groupId}" in the request instead of substituting in the actual group ID value. Totally my bad! 
Thanks for your help!
@pangelino wrote:
I'm using the Power API REST API to first retrieve groups that the logged in user has access to, and then to retrieve reports within those groups. I can successfully retrieve reports through the https://api.powerbi.com/v1.0/myorg/reports endpoint, but if I make the request through the https://api.powerbi.com/v1.0/myorg/groups/{group_id}/reports endpoint with any of the retrieved group id's, I get a 401 - Unauthorized response. I am sending the access token as an authorization header using the "Bearer {token}" format, the same as when I successfully retrieve reports independent of the group id. Can anyone suggest what the problem is here? Thanks in advance!
Is the registered app with sufficient permissions? You can check the permission in Azure portal->Active Directory->App registrations. The delegated perssions count shall be 14.
Is your account a member of the workspace group?
Eric, in preparing to reply to you I finally discovered the problem. In my C# code I was sending the HTTP request like this:
HttpWebRequest request = CreatePowerBiApiRequest("groups/{groupId}/reports", accessToken);What I realized today is that I forgot the $ at the beginning of the string so that the string interpolation would occur. It should have been like this:
HttpWebRequest request = CreatePowerBiApiRequest($"groups/{groupId}/reports", accessToken);So the request was just statically sending the string "{groupId}" in the request instead of substituting in the actual group ID value. Totally my bad!
Thanks for your help!
Thanks for your reply @Eric_Zhang. I should have mentioned that when I log into powerbi.com with the same account that I use to test the application, I can navigate through "Workspaces" (groups in the API), and can see and execute reports within them. My application seems to see all the same groups, but is unauthorized to request reports through the groups/{group_id}/reports endpoint.
I have added all the permissions you noted below, even including one Application Permissions that you do not call out. My Azure permissions on the app registration now look like this, but I still get the same 401 Unauthoorized response:
Any other suggestions?
Helpful resources
Microsoft Fabric Learn Together
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Power BI Monthly Update - April 2024
Check out the April 2024 Power BI update to learn about new features.
Fabric Community Update - April 2024
Find out what's new and trending in the Fabric Community.
