Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!
Hello everyone,
I'm building a console application using Visual Studio 2017 in order to push data into a Power BI dataset. I followed this guide:
Everithing it's working fine but i need to get a token with a non-interactively authentication to Azure AD. In a few words, without GUI on which user select his username. In internet I can't find anything that explains how to do that with a Native App. I only found how to do that with App Web/API using the clientID and secretID, but with Native App I haven't any secretID. Moreover with a App Web/API I got an Unauthorized (401) when I try to create a DataSet.
Someone could please help me to find a solution? Keep in mind that I never want the login screen to appear, so the solution of token stored in the cache is useless for me.
I appreciate any kind of help. Thanks,
amatteo90
Hi @amatteo90,
Could you please mark the proper answers as solutions?
Best Regards,
Dale
Hi @amatteo90,
How did you try to get the token? Since there are many methods, the process of authentication depends on your code. Please refer to the Python script below, which use a username and a password to get the access token.
We can get the token for both Native App and Web App unless the AAD requires two-factor authentication.
Reference: azure-activedirectory-library-for-python and active-directory/develop/v1-oauth2-implicit-grant-flow.
# adal is azure-activedirectory-library-for-python. install it first. from adal import AuthenticationContext # get access token implictly with username and password. def get_token(): client_id = "a30***1ae1dcde27e" resource_uri = "https://analysis.windows.net/powerbi/api" user_name = "d**.com" user_password = "password" auth_context = AuthenticationContext("https://login.microsoftonline.com/your_tenant_name") token_response = auth_context.acquire_token_with_username_password(resource_uri, user_name, user_password, client_id) token = "Bearer " + token_response["accessToken"] return token
Best Regards,
Dale
Hi,
I'm trying to do the same thing:
You can't generate an app key when you have selected Native app type. You have to select Web/API.
This sample shows you how to use the app secret:
https://github.com/azure-samples/active-directory-dotnet-daemon
I get 401 errors when I try to call the REST API though. This is even though my app has been granted permissions by a Global Admin.
Hello,
Thanks for the answer, By using a Web App I haven't any problem to perform a login with no GUI for authentication. However I got a 401 error when I try to call the REST API like you.
For Power BI Service I've granted any king of delegate authorizations that requires no administrator privileges. However I've a problem to grant the authorization "Access the directory as the signed-in user" even if doesn't require administrator privileges. Maybe is this the problem?
I am not sure the Delegated permissions are used at all when authenticating using an app key/service principal...
Azure AD defines two kinds of permissions:
User | Count |
---|---|
15 | |
2 | |
1 | |
1 | |
1 |
User | Count |
---|---|
18 | |
11 | |
5 | |
4 | |
3 |