cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Regular Visitor

PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

Hi all,

 

This snippet of code:

 

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLOPT_POST, true);
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POST, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

 

 

Authenticates properly (getting us an access token), then attempts call GenerateToken using that access token. It authenticates fine, but ALWAYS returns 404. I know the reports are there, and that the ids are correct because we can interrogate the reports using this snippet (and the same authtoken):

$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$headers = array(
   "Content-Type: application/json",
   "Authorization: Bearer $access_token"
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLOPT_POST, true);
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

 

and get back the proper looking JSON for all the reports in the workspace in question. So we know the auth works, we know the accesstoken has access to the workspace--why am I getting a 404 back? Ive double and triple checked the ids against the JSON returned by the reports list API. Totally stumped.

1 ACCEPTED SOLUTION

Accepted Solutions

So we dug into this a little bit more and were able to debug it..it was an error in the curl_setopts. posting fixed code here, in case anyone runs across this issue.

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POSTFIELDS, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

 

View solution in original post

2 REPLIES 2
Resident Rockstar
Resident Rockstar

Hi @wingmanzz 

Of course you shouldn't get a 404 if the resource was found so that's odd.

Once you've got a valid access token you can try using Postman to issue the GenerateToken request and see what is happening.

https://www.postman.com/

Phil

So we dug into this a little bit more and were able to debug it..it was an error in the curl_setopts. posting fixed code here, in case anyone runs across this issue.

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POSTFIELDS, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

 

View solution in original post

Helpful resources

Announcements
November Update

Check it Out!

Click here to read more about the November 2020 Updates!

Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

secondImage

Power Platform October Community Highlights

Check out the top community contributors across all of the communities

secondImage

Create an end-to-end data and analytics solution

Learn how Power BI works with the latest Azure data and analytics innovations at the digital event with Microsoft CEO Satya Nadella.

Top Solution Authors