cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
nlombardiCL Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

Anyone find a solution to this issue?  We are getting the same thing when we pass the access token we get in our REST service to the Power BI REST service APIs.

silmar Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

We are having the same issue as well, anyone have any ideas?

nlombardiCL Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

I'm having the same error message. 

 

We are using an angular2 SPA to interact with our REST API services.  We have a report service that we would like to use to call the Power BI REST API service endpoints.  We acquire an azure AD accessToken in our service and try and use that token for the PowerBI calls but keep getting the "The remote server returned an error: (403) Forbidden." error.  Our SPA is registered in Azure and we have given Power BI permissions to the application.  I have an account in Power BI as well.  Below is the code I am using to call the GetReports endpoint. The error is thrown when the GetResponse is called.  Any suggestions would be greatly appeciated.  Thanks.

 

var accessToken = Request.Headers.Authorization.Parameter;  //defined in controller and passed to method below.

Uri baseAddress = new Uri("https://api.powerbi.com/");   //defined above

 

public async Task<List<PbiReport>> GetPBIReports(string accessToken)

{

string responseData;

var powerBiApiUrl = baseAddress + "v1.0/myorg/reports";

List<PbiReport> reports = new List<PbiReport>();

HttpWebRequest request = WebRequest.Create(powerBiApiUrl) as HttpWebRequest;

request.KeepAlive = true;

request.Method = "GET";

request.ContentLength = 0;

request.ContentType = "application/json";

request.Headers.Add("Authorization", $"Bearer {accessToken}");

using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)

{

using (StreamReader reader = new StreamReader(response.GetResponseStream()))

{

reports = JsonConvert.DeserializeObject<List<PbiReport>>(reader.ReadToEnd());

}

}

return reports;

}

silmar Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

On my end, I was doing it wrong.  If your goal is to simply trying to provide access to PowerBi reports to your users, and want to authenticate non-interactively, then you may consider grabbing using the PowerBi api from nuget.  I posted what ultimately worked for me in my StackOverflow post.  Maybe it will help in your case?

Power BI Team lukaszp
Power BI Team

Re: 403 Forbidden error occured when using REST API

I'm not sure what you mean when you say 'all Power BI permissions were delegated in AAD', can you share more details?   Here's something to try:

 

Power BI has a tile embed sample, which I verified works correctly with interactive user login. Note, that when you're using Power BI.com, the user needs to be an AAD user and needs to login as themselves for licensing reason.  As someone alluded to in another comment if you want to not use AAD users, you'd use Power BI Embedded, which doesn't require the end user to be an AAD user. 

 

https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-integrate-tile/

 

Can you use your client ID and secret with the above sample and see if it works.  Make sure the application has the following redirect URL configured:

Http://localhost:13526/

 

Usually, you get a 403 when the application does not have appropriate permissions. Remember that if you added permissions (scopes) to the application AFTER the user trusted the application, the user’s token won’t get the new scopes until they remove trust from the application and trust it again. Easiest workaround is to create a new application and use that instead.  Alternative is to manually remove the application using Office 365’s “my apps” feature and then try to use the application again.

 

You might also draw inspiration from several other similar threads from other services:

http://stackoverflow.com/questions/31735264/403-forbidden-from-azure-graph-api

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applica...

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-developers-guide

 

HTH,

-Lukasz

 

TedPattison
Advisor

Re: 403 Forbidden error occured when using REST API

The issue is that the default registration of an app in Azure AD requires the user click a button saying "I trust" this app. If you look at this video:

 

https://www.youtube.com/watch?v=ZSaBFf3ziUk

 

and go into the video about the 2:15 mark. This shows with simple app registration there is a one-time need for user interaction. After logging the first time with user interaction, your code can then authenticate programmatically without user interaction.

 

There is a way around this. It requires that you have an Azure subscription and that you use the Azure portal to register the app and configure security settings so that it doesn't require interactive consent on the part of the user. 

 

 

khurram75 Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

I tried adding the permissions and pretty much everything described on the "How To" tutorial, however still am not able to get beyond the 403 error. The code works fine in http://docs.powerbi.apiary.io but I am unable to make it work through code Smiley Sad For authentication our app uses the approach where it does not require the user to approve the access permissions in the pop up mentioned above. Do we have to enable it for PowerBI to work?

Highlighted
wakhan07 Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

Hi,

 

I'm aslo facing same issue. Any solution to this?

 

erikskov
Advisor

Re: 403 Forbidden error occured when using REST API

modifying the authentication to prompt for credentials allowed me to get past the 'Forbidden' error...

 

return ac.AcquireTokenAsync(resourceUriPowerBi, clientId, new Uri(RedirectURL), new PlatformParameters(PromptBehavior.Auto)).Result.AccessToken;

wakhan07 Frequent Visitor
Frequent Visitor

Re: 403 Forbidden error occured when using REST API

@erikskov

 

Thanks for your kind reply,

 

I don't see forbidden error anymore. However, we have WebAPI's returning token and we don’t want to get the popup at all.

When I set the prompt behavior to "NEVER" I get below error:

 

"user_interaction_required: One of two conditions was encountered: 1. The PromptBehavior.Never flag was passed, but the constraint could not be honored, because user interaction was required. 2. An error occurred during a silent web authentication that prevented the http authentication flow from completing in a short enough time frame"

 

And when I tried Directly specifying the username and password, it never returns any result.

 

 var authenticationResult = authenticationContext.AcquireTokenAsync(resourceUri, clientID, credential).Result;

 

this throws an error ""AADSTS75005: The request is not a valid SAML 2.0 protocol message."

 

I look forward for your reply,

Thanks for your support.

Helpful resources

Announcements
Can You Solve These Challenge

Challenge: Can You Solve These?

Find out how to participate in the first Power BI 'Can You Solve These?' challenge.

Community News & Announcements

Community News & Announcements

Get your latest community news and announcements.

Virtual Launch Event

Microsoft Business Applications October Virtual Launch Event

Join us for an in-depth look at the new innovations across Dynamics 365 and the Microsoft Power Platform.

Community Kudopalooza

Win Power BI Swag with Community Kudopalooza!

Each week, complete activities and be qualified in the drawing for cool Power BI Swag.

Top Kudoed Authors
Users Online
Currently online: 69 members 2,408 guests
Please welcome our newest community members: