Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hello
We have found that is possible to embed reports in a way similar to "user owns data" scenario in wich the application handles the user authetication. It is not documented by Microsoft
We understand AD redirection is way more safe and reliable, but the oAuth openid POST could be used when user's login is unrelated to Azure.
// oauth authetication ... using (var client = new HttpClient()) { var result = await client.PostAsync(oauthEndpoint, new FormUrlEncodedContent(new[] { new KeyValuePair<string, string>("resource", ResourceUrl), new KeyValuePair<string, string>("client_id", ClientId), new KeyValuePair<string, string>("grant_type", "password"), new KeyValuePair<string, string>("username", username), new KeyValuePair<string, string>("password", password), new KeyValuePair<string, string>("scope", "openid"), })); var content = await result.Content.ReadAsStringAsync(); var oar = JsonConvert.DeserializeObject<OAuthResult>(content); // Bearer token is the default return oar.AccessToken; } }
...
class OAuthResult { [JsonProperty("token_type")] public string TokenType { get; set; } [JsonProperty("scope")] public string Scope { get; set; } [JsonProperty("expires_in")] public int ExpiresIn { get; set; } [JsonProperty("ext_expires_in")] public int ExtExpiresIn { get; set; } [JsonProperty("expires_on")] public int ExpiresOn { get; set; } [JsonProperty("not_before")] public int NotBefore { get; set; } [JsonProperty("resource")] public Uri Resource { get; set; } [JsonProperty("access_token")] public string AccessToken { get; set; } [JsonProperty("refresh_token")] public string RefreshToken { get; set; } }
I am not fully understand what you mean for the 3rd question about the "Azure Redirection" if possible, could you please explain a bit for that?
For the 4th question, you may take a look at the Publish to Web.
Power BI API would reuqire a Pro account to access the related reports and resources, so it would need to authenticate through AAD.
Regards,
Michael
Thank you Michael for your reply
With azure redirection i mean the redirection to the Azure sign-in page. It is the documented way for "user owns data" scenario.
In scenario 4 we are using the authentication explained here: http://community.powerbi.com/t5/Developer/Embed-Power-BI-dashboard-in-ASP-Net-core/m-p/284314/highli...
We are worried about using the AD token retrieved via oauth openID endpoint POST for embedding (Scenario 4 in first post). It is supported?
Publish to web is not applicable.
Edit: openID endpoint, not oauth. I confused some terms
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.
User | Count |
---|---|
13 | |
2 | |
2 | |
1 | |
1 |
User | Count |
---|---|
20 | |
3 | |
2 | |
2 | |
2 |