Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi All,
My main question is this:
- If I hardcode an encoded username + password in a Power Query step and publish that to the Power BI Service. Will that information be accessible to anyone else than the people who have access to the Power Bi File itself?
Flavor:
I'm currently creating some live Dashboards from OPC (Oracle Primavera Cloud) in Power BI.
OPC doesn't have a custom connector, but I can get the data from the REST Endpoints by:
-> Submitting a call to a "Token Endpoint" => Asks for Encoded Username+Password and gives back a token
Username = Extension.CurrentCredential()[Username],
Password = Extension.CurrentCredential()[Password],
vCred = "Basic "&Binary.ToText(Text.ToBinary(Username &":"&Password), 0),
tokenUrl = "https://.../apitoken/request?scope=http://../data",
Authentication = Json.Document(Web.Contents(tokenUrl, [Headers=[#"Authorization" = vCred], Content = Text.ToBinary("")])),
-> Use Token in subsequent calls to get data.
bearerToken = "Bearer " & Authentication[accessToken],
vUrl = "https://../dataservice/runquery",
body = TasksBody,
CallAPI = Json.Document(Web.Contents(vUrl, [
Headers = [#"Authorization"=bearerToken,
#"x-prime-identity-app"=Authentication[primeIdentityApp],
#"x-prime-tenant"=Authentication[primeTenant],
#"x-prime-tenant-code"=Authentication[primeTenantCode],
#"Content-Type"="application/json"
],
Content=Text.ToBinary(body)
]))
1) I would like to use the "Basic" Authentication of Power BI to do the first step, but as the Service expects an encoded version, it doesn't really help much as I can't access it in Query. If I hard code it, I'm not sure how safe it is.
2) I made a Custom Connector that can generate the Token based on Basic Authentication. However, when I build on this It asks to specify Credentials again. (Probably as Step 1 tried to get credentials for https://XXX/Apitoken/Request it overwrote the "anonymous" credentials for https://XXX/dataservice/runquery?
If someone has access to the Power BI workspace you publish the report to, they can download the PBIX from the Service and open it up and look at the query text (assuming they have a minimum of Write access to the dataset or are a Contributor to the workspace).
If they don't have access to the PBIX file, then I can't think of a way to access that query text but that doesn't mean it's not possible and I generally wouldn't advise storing unencrypted credentials in a query.
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.
User | Count |
---|---|
115 | |
100 | |
88 | |
69 | |
61 |
User | Count |
---|---|
151 | |
120 | |
103 | |
87 | |
68 |