Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
kyrpav
Helper IV
Helper IV

Powerbi service refresh issue with rest api including get token functionality

‎10-15-2021 04:30 AM

I have created a query in powerbi desktop where i am calling a rest api and i gave to pas authorization token.

I am getting the tokken first from a api call and then i am passing it to the second rest call to get the data. Everything works perfectly in desktop program.

 

When i publish the report then gateway identifies these two endpoint ( which exist in the same query) and normally i have issue with the second one cause the get token query works but the other one not cause Service tries to call it without the headers or it does not have something to deal with the headers.

 

How can this be solved so these apis can be automatic updated

Labels:
Message 1 of 3
591 Views
0
1 ACCEPTED SOLUTION
v-xiaoyan-msft
Community Support
Community Support

‎10-17-2021 10:36 PM

Hi @kyrpav ,

 

Whether the setting of data source in Power BI Desktop and Power BI Service? 

Here are some similar threads may help you:

Invalid connection credentials Refresh issue

THE HIDDEN GEMS OF THE FUNCTION WEB.CONTENTS()

vcaitlynmstf_0-1634535254524.jpeg

 

 

Also, the user authentication sequence for the Power BI service occurs as described in the following steps, which are illustrated in the image that follows them.

  1. A user initiates a connection to the Power BI service from a browser, either by typing in the Power BI address in the address bar or by selecting Sign in from the Power BI landing page (https://powerbi.microsoft.com). The connection is established using TLS 1.2 and HTTPS, and all subsequent communication between the browser and the Power BI service uses HTTPS.

  2. The Azure Traffic Manager checks the user's DNS record to determine the most appropriate (usually nearest) datacenter where Power BI is deployed, and responds to the DNS with the IP address of the WFE cluster to which the user should be sent.

  3. WFE then redirects the user to the Microsoft Online Services login page.

  4. After the user has been authenticated, the login page redirects the user to the previously determined nearest Power BI service WFE cluster with an auth code.

  5. The WFE cluster checks with the Azure AD service to obtain an Azure AD security token by using the auth code. When Azure AD returns the successful authentication of the user and returns an Azure AD security token, the WFE cluster consults the Power BI Global Service, which maintains a list of tenants and their Power BI back-end cluster locations and determines which Power BI back-end service cluster contains the user's tenant. The WFE cluster then returns an application page to the user's browser with the session, access, and routing information required for its operation.

  6. Now, when the client's browser requires customer data, it will send requests to the back-end cluster address with the Azure AD access token in the Authorization header. The Power BI back-end cluster reads the Azure AD access token and validates the signature to ensure that the identity for the request is valid. The Azure AD access token has a default lifetime of 1 hour, and to maintain the current session the user's browser will make periodic requests to renew the access token before it expires.

For more, you can fefer to:Power BI security white paper 

 

Hope it helps,


Community Support Team _ Caitlyn

If this post helps then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Message 3 of 3
503 Views
0
2 REPLIES 2
v-xiaoyan-msft
Community Support
Community Support

‎10-17-2021 10:36 PM

Hi @kyrpav ,

 

Whether the setting of data source in Power BI Desktop and Power BI Service? 

Here are some similar threads may help you:

Invalid connection credentials Refresh issue

THE HIDDEN GEMS OF THE FUNCTION WEB.CONTENTS()

vcaitlynmstf_0-1634535254524.jpeg

 

 

Also, the user authentication sequence for the Power BI service occurs as described in the following steps, which are illustrated in the image that follows them.

  1. A user initiates a connection to the Power BI service from a browser, either by typing in the Power BI address in the address bar or by selecting Sign in from the Power BI landing page (https://powerbi.microsoft.com). The connection is established using TLS 1.2 and HTTPS, and all subsequent communication between the browser and the Power BI service uses HTTPS.

  2. The Azure Traffic Manager checks the user's DNS record to determine the most appropriate (usually nearest) datacenter where Power BI is deployed, and responds to the DNS with the IP address of the WFE cluster to which the user should be sent.

  3. WFE then redirects the user to the Microsoft Online Services login page.

  4. After the user has been authenticated, the login page redirects the user to the previously determined nearest Power BI service WFE cluster with an auth code.

  5. The WFE cluster checks with the Azure AD service to obtain an Azure AD security token by using the auth code. When Azure AD returns the successful authentication of the user and returns an Azure AD security token, the WFE cluster consults the Power BI Global Service, which maintains a list of tenants and their Power BI back-end cluster locations and determines which Power BI back-end service cluster contains the user's tenant. The WFE cluster then returns an application page to the user's browser with the session, access, and routing information required for its operation.

  6. Now, when the client's browser requires customer data, it will send requests to the back-end cluster address with the Azure AD access token in the Authorization header. The Power BI back-end cluster reads the Azure AD access token and validates the signature to ensure that the identity for the request is valid. The Azure AD access token has a default lifetime of 1 hour, and to maintain the current session the user's browser will make periodic requests to renew the access token before it expires.

For more, you can fefer to:Power BI security white paper 

 

Hope it helps,


Community Support Team _ Caitlyn

If this post helps then please consider Accept it as the solution to help the other members find it more quickly.

Message 3 of 3
504 Views
0
kyrpav
Helper IV
Helper IV

‎10-15-2021 05:19 AM

Is it possible that powerbi service does not at all support token authentication?

Message 2 of 3
551 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All