topic [Python] Get AccessToken POST Request + Multi-factor Auth in Developer https://community.fabric.microsoft.com/t5/Developer/Python-Get-AccessToken-POST-Request-Multi-factor-Auth/m-p/585202#M17911 <P>Hello,</P><P>&nbsp;</P><P>I'm trying to get an AccessToken from <A href="https://login.microsoftonline.com/common/oauth2/token" target="_self">https://login.microsoftonline.com/common/oauth2/token</A>&nbsp;but I have two problems</P><P>&nbsp;</P><UL><LI>My user for security reason have MFA enabled, and cannot be disabled.</LI><LI>The code I have found doesn't work only using clientID and ClientSecret (<STRONG><A href="https://azure.microsoft.com/en-us/resources/samples/data-lake-analytics-python-auth-options/" target="_self">Source</A></STRONG>)</LI></UL><P>The code below generates an access code, but the POST request retrieves 401 status code.</P><P>&nbsp;</P><P>I can disable MFA and enter User and Password and would generate a valid access token, but that generates a massive security problem, besides implies that I would need to have a "permanent" account that would only have access to PBI for doing refreshes - basically a flaw into the system of APIs.</P><P>&nbsp;</P><PRE>import adal import requests from msrestazure.azure_active_directory import AADTokenCredentials authority_host_uri = 'https://login.microsoftonline.com' tenant = 'tenant' authority_uri = authority_host_uri + '/' + tenant resource_uri = 'https://analysis.windows.net/powerbi/api' client_id = 'clientid' client_secret = 'clientsecret' context = adal.AuthenticationContext(authority_uri, api_version=None) mgmt_token = context.acquire_token_with_client_credentials(resource_uri, client_id, client_secret) credentials = AADTokenCredentials(mgmt_token, client_id) headers = {'Authorization': 'Bearer ' + mgmt_token['accessToken'], 'Content-Type': 'application/json'} url = 'https://api.powerbi.com/v1.0/myorg/groups/me/datasets/datasetid' r= requests.post(url, headers=headers) print(r)</PRE><P>&nbsp;</P> Thu, 13 Dec 2018 17:03:14 GMT Anonymous 2018-12-13T17:03:14Z [Python] Get AccessToken POST Request + Multi-factor Auth https://community.fabric.microsoft.com/t5/Developer/Python-Get-AccessToken-POST-Request-Multi-factor-Auth/m-p/585202#M17911 <P>Hello,</P><P>&nbsp;</P><P>I'm trying to get an AccessToken from <A href="https://login.microsoftonline.com/common/oauth2/token" target="_self">https://login.microsoftonline.com/common/oauth2/token</A>&nbsp;but I have two problems</P><P>&nbsp;</P><UL><LI>My user for security reason have MFA enabled, and cannot be disabled.</LI><LI>The code I have found doesn't work only using clientID and ClientSecret (<STRONG><A href="https://azure.microsoft.com/en-us/resources/samples/data-lake-analytics-python-auth-options/" target="_self">Source</A></STRONG>)</LI></UL><P>The code below generates an access code, but the POST request retrieves 401 status code.</P><P>&nbsp;</P><P>I can disable MFA and enter User and Password and would generate a valid access token, but that generates a massive security problem, besides implies that I would need to have a "permanent" account that would only have access to PBI for doing refreshes - basically a flaw into the system of APIs.</P><P>&nbsp;</P><PRE>import adal import requests from msrestazure.azure_active_directory import AADTokenCredentials authority_host_uri = 'https://login.microsoftonline.com' tenant = 'tenant' authority_uri = authority_host_uri + '/' + tenant resource_uri = 'https://analysis.windows.net/powerbi/api' client_id = 'clientid' client_secret = 'clientsecret' context = adal.AuthenticationContext(authority_uri, api_version=None) mgmt_token = context.acquire_token_with_client_credentials(resource_uri, client_id, client_secret) credentials = AADTokenCredentials(mgmt_token, client_id) headers = {'Authorization': 'Bearer ' + mgmt_token['accessToken'], 'Content-Type': 'application/json'} url = 'https://api.powerbi.com/v1.0/myorg/groups/me/datasets/datasetid' r= requests.post(url, headers=headers) print(r)</PRE><P>&nbsp;</P> Thu, 13 Dec 2018 17:03:14 GMT https://community.fabric.microsoft.com/t5/Developer/Python-Get-AccessToken-POST-Request-Multi-factor-Auth/m-p/585202#M17911 Anonymous 2018-12-13T17:03:14Z Re: [Python] Get AccessToken POST Request + Multi-factor Auth https://community.fabric.microsoft.com/t5/Developer/Python-Get-AccessToken-POST-Request-Multi-factor-Auth/m-p/848136#M21430 <P>Hi ,</P><P>&nbsp;</P><P>You don't need to disable the MFA for your account. Instead you can overcome the issue with using SPN</P><P><A title="" href="https://docs.microsoft.com/en-us/power-bi/developer/embed-service-principal" target="_blank" rel="nofollow noopener noreferrer">https://docs.microsoft.com/en-us/power-bi/developer/embed-service-principal</A></P><P>&nbsp;</P><P>Just upgrade your workspace to v2.</P><P>&nbsp;</P><P>Issue resolved !</P> Sun, 17 Nov 2019 06:16:44 GMT https://community.fabric.microsoft.com/t5/Developer/Python-Get-AccessToken-POST-Request-Multi-factor-Auth/m-p/848136#M21430 Jayendran 2019-11-17T06:16:44Z