Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
Anonymous
Not applicable

Obtain Access Token C# App Owns Data Error

‎08-15-2017 09:17 AM

Hello,

 

I have a web application that uses a .NET API backend and am trying to connect to PowerBI Premium to obtain the token, but every time I do I get the same error.

 

AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.

 

What I am essentially wanting to do is hit my .NET API Controller, and pass in a selected PBIX file, and then use the Power Bi SDK to upload and publish the file to the Power Bi Premium App Workspace.  Then, after this part is finished, I will then be building out another section of my application where the users can go to view these power bi reports.  In my application the App Owns the data, and I have bought the license and set up the user properly.  I have also set up the App Workspace and set that to be Premium workspace.  

I have also registered my app at https://dev.powerbi.com/apps as a Serve-side web app.  The redirect URL I was confused about as I dont need it to redirect my app anywhere, as the user should not be entering credentials, but it says to just use any valid url, so I put the homepage of my app.  I then gave it all permissions and got the ClientId and Secret.

Then I tried to use the same 3 or 4 lines of code that I see as exmaples in almost every site.  It is a little confusing because I dont see a place to enter the Client Secret that I just obtained in registering my app, so I am not sure if that is just for viewing the reports in the app, or this too, but here are the lines of code I used that give me that error I posted above....

// Create a user password cradentials.
var credential = new UserCredential(Username, Password);

// Authenticate using created credentials
var authenticationContext = new AuthenticationContext(AuthorityUrl);
var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId, credential);
var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer");

 

These are the URLs I am using in the above code....

<add key="authorityUrl" value="https://login.windows.net/common/oauth2/authorize" />
<add key="resourceUrl" value="https://analysis.windows.net/powerbi/api" />

 

Once I have the token, I plan to use the PowerBI SDK to upload the report like this....

var client = new Microsoft.PowerBI.Api.V2.PowerBIClient(credentials, handler);
client.Imports.PostImportWithFileInGroup(GroupId, file1Stream, "importedreport", "Abort");

 

If anyone can help me understand what I am doing wrong, I would be very thankful. I am on a time crunch to get this done, and am at a point where I am not sure how to proceed.  Thanks.

Message 1 of 5
5,076 Views
0
1 ACCEPTED SOLUTION
Eric_Zhang
Employee
Employee

‎08-15-2017 11:46 PM

@Anonymous

For App Owns data scenario, register a Native application instead. Then everything shall work.

View solution in original post

Message 2 of 5
6,359 Views
0
4 REPLIES 4
Eric_Zhang
Employee
Employee

‎08-15-2017 11:46 PM

@Anonymous

For App Owns data scenario, register a Native application instead. Then everything shall work.

Message 2 of 5
6,360 Views
0
Anonymous
Not applicable
In response to Eric_Zhang

‎08-16-2017 06:38 AM

To me that does not make sense. My app is not a Native Client.  It is a web app with a .NET API.  So I guess this leaves me with one question.  I was able to find some code that did actually work and give me the token.  I will paste that below.  However, what would you sugges is the better approach?  To re-register it as a Native Client, or use the code I am using currently.

 

PS I now have the token, but every time I try to use it to read reports or anything, it gives me a 403 Forbidden Errror.  Could this have anythihng to do with the app not being registerd as a Native Client?

 

Thanks,

Steven 

 

// setup app info for AuthenticationContext
var clientCredential = new ClientCredential(ClientId, ClientKey);
// create auth context (note: no token cache leveraged)
AuthenticationContext authContext = new AuthenticationContext(AuthorityUrl);
// get access token for Power BI
token = authContext.AcquireToken(ResourceUrl, clientCredential).AccessToken;


var tokenCredentials = new TokenCredentials(token, "Bearer");

Message 3 of 5
5,045 Views
0
Anonymous
Not applicable
In response to Anonymous

‎08-17-2017 02:05 PM

The reason I was getting the 403 Forbidden was because I was actually getting a token, but it was the wrong token.  I was getting it the wrong way.  Once I switched to doing it like below, with the app registered as a Native Client, all worked great.

 

// Create a user password cradentials.
var credential = new UserCredential(Username, Password);
// Authenticate using created credentials
var authenticationContext = new AuthenticationContext(AuthorityUrl);
var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId2, credential);
token = authenticationResult.AccessToken;
var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer");

 

Thanks for all your help.


Stizz001

Message 4 of 5
5,033 Views
0
Junilo
Regular Visitor
In response to Anonymous

‎11-13-2017 01:21 AM

I should have PAID ATTENTION to 'register a Native AAD app' everything works well after I did that (after setting the app permissions on Azure Portal).

 

But note to Power BI Team - IMHO, that's a bit confusing. 'Native' as we defined it, are those running on Android, iOS, ...  My C# code running on a backend service, I don't call it 'Native'

 

Anyway.

 

For those still struggling, pulling their hairs out (if you still have some, save them)...

 

To get that Embed Token - this piece of code works for me now

 

 

var embedToken = "";
var ClientId = "your-client-id-here-generated-when-after-you-registered-a-native-app";
var credential = new UserPasswordCredential("AADUserNameHere", "ADDUserPasswordHere");

var groupId = "Your-App-Workspace-GroupId-Here";
var reportId = "Your-ReportId-Here";

// Authenticate using created credentials
var authenticationContext = new AuthenticationContext("https://login.windows.net/common/oauth2/authorize/");
var authenticationResult = authenticationContext.AcquireTokenAsync("https://analysis.windows.net/powerbi/api", ClientId, credential).Result;

if (authenticationResult != null)
{
    var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer");

    // Create a Power BI Client object. It will be used to call Power BI APIs.
    using (var client = new PowerBIClient(new Uri("https://api.powerbi.com/"), tokenCredentials))
    {
        // Generate Embed Token.
        var generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view");
        var tokenResponse = client.Reports.GenerateTokenInGroup(groupId, reportId, generateTokenRequestParameters);

        if (tokenResponse == null)
        {
            throw new Exception("No token response");
        }

        embedToken = tokenResponse.Token;
    }
}

 

Message 5 of 5
4,694 Views

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Kudoed Authors
View All