Hi. I've built a custom data connector to a REST API that uses OAuth. Currently the client_id and client_secrets used by the OAuth authentication are stored in spearate files as per the samples provided by Microsoft here.
Is it possible for the client_id to and client_secret to be provided by the user filling in a paramater prompt during authentication once the connector has been deployed in Power BI, or must these credentials be stored in the connector's mez package?
Here is a similar thread in which a solution is mentioned. Could you go to check if it helps in your scenario?
I have managed to sort this out. I have accomplished an alpha solution that covers the authentication part + fetches data. Currently tested with mock data. https://github.com/AmirSasson/pardot-powerbi-connector I might add some paging mechanism to support large scale data fetch.
Thanks for that link - I'm glad someone else has encountered this! I guess it's not officially possible at the moment.
The workarounds mentioned in that thread are:
Get the keys and store them as parameters, which is a potential security issue (although arguably no less secure than my current method of storing the keys within flat files inside the .mez), or
For APIs that utilise username/password authentication, request that the user enters their keys as part of the username field, and parse that before verification (a bit of a hack, and I don't know how this would work when using OAuth)
Build a custom OAuth flow to accommodate extra parameters (well outside my breadth of knowledge)
Since the eventual roadmap must surely involve the distribution of generic connectors through the Office Store, I'd be interested to know how it will be possible to incorporate the secure storage of API key, client IDs and client secrets into the authentication procedure going forward. The only working solution in that thread (the second one above) isn't particularly user friendly or universally applicable to all authentication methods.