Hello everyone,

I have a problem that i can't wrap my head around.

I have a powershell script where im calling power bi rest api for exemple to publish reports from local .PBIX etc. All works fine when i authenticate the calls with oauth2/authorize with Redirect URL.

But my powershell script is going to execute inside other scripts in our release, so i cannot get a GUI to login when this is in production. Therefore im going with the Client_ID & Client_Key in Client_Credentials instead.

Here is my authentication code now:

function getToken{
    if (-not (Get-Module AzureRm.Profile)){
        Import-Module AzureRM.Profile
    }

    Add-Type -Path "C:\Projects\Publish\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.3.19.2\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
    $AppURI = "https://analysis.windows.net/powerbi/api"

    $Auth = "https://login.microsoftonline.com/$Tenant/oauth2/token"
    $clientCred = [Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential]::new($ApplicationID, "$ClientSecret") 
    
    $AuthContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $auth
    $AuthResult = $authContext.AcquireToken($AppURI, $ClientCred)

    return $AuthResult

}

I get the Bearer token but i get a 403 (Forbidden) error when i call the API.

What in the world am i not thinking of? permissions for the application?

Have a nice day everyone.