topic PHP, Curl to get embed token via API GenerateToken returns 404 using service principal in Developer

PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

wingmanzz — Wed, 14 Oct 2020 18:50:34 GMT

Hi all,

This snippet of code:

<?php /* Get token using a POST request */ $clientId = 'xxx'; $clientSecret = 'xxx'; $tenantId = 'xxxx'; $urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token"; $resource = 'https://analysis.windows.net/powerbi/api'; $group = 'xxx'; $report ='xxx'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token"); curl_setopt($ch, CURLOPT_POST, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_POSTFIELDS, array( 'resource' => $resource, 'client_id' => $clientId, 'client_secret' => $clientSecret, 'grant_type' => 'client_credentials' )); $data = curl_exec($ch); curl_close($ch); $data_obj = json_decode($data); $access_token = $data_obj->{"access_token"}; $headers = array( "Content-Type: application/json", "Authorization: Bearer $access_token" ); $url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken"; #$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports"; $post_params = array( 'accessLevel' => 'View' ); $payload = json_encode($post_params); $ch2 = curl_init( $url ); curl_setopt( $ch2, CURLOPT_POST, true); curl_setopt( $ch2, CURLINFO_HEADER_OUT, true); curl_setopt( $ch2, CURLOPT_POST, $payload); curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers ); curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true); curl_setopt( $ch2, CURLOPT_FAILONERROR, true); $response = curl_exec( $ch2 ); if (curl_errno($ch2)) { $error_msg = curl_error($ch2); } echo $response; curl_close($ch2); if (isset($error_msg)) { echo $error_msg; } ?>

Authenticates properly (getting us an access token), then attempts call GenerateToken using that access token. It authenticates fine, but ALWAYS returns 404. I know the reports are there, and that the ids are correct because we can interrogate the reports using this snippet (and the same authtoken):

$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports"; $headers = array( "Content-Type: application/json", "Authorization: Bearer $access_token" ); $payload = json_encode($post_params); $ch2 = curl_init( $url ); curl_setopt( $ch2, CURLOPT_POST, true); curl_setopt( $ch2, CURLINFO_HEADER_OUT, true); curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers ); curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true); curl_setopt( $ch2, CURLOPT_FAILONERROR, true); $response = curl_exec( $ch2 ); if (curl_errno($ch2)) { $error_msg = curl_error($ch2); } echo $response; curl_close($ch2);

and get back the proper looking JSON for all the reports in the workspace in question. So we know the auth works, we know the accesstoken has access to the workspace--why am I getting a 404 back? Ive double and triple checked the ids against the JSON returned by the reports list API. Totally stumped.

Re: PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

PhilipTreacy — Fri, 16 Oct 2020 01:28:59 GMT

Hi @wingmanzz

Of course you shouldn't get a 404 if the resource was found so that's odd.

Once you've got a valid access token you can try using Postman to issue the GenerateToken request and see what is happening.

https://www.postman.com/

Phil

Re: PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

wingmanzz — Wed, 21 Oct 2020 16:53:25 GMT

So we dug into this a little bit more and were able to debug it..it was an error in the curl_setopts. posting fixed code here, in case anyone runs across this issue.

<?php /* Get token using a POST request */ $clientId = 'xxx'; $clientSecret = 'xxx'; $tenantId = 'xxxx'; $urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token"; $resource = 'https://analysis.windows.net/powerbi/api'; $group = 'xxx'; $report ='xxx'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token"); curl_setopt($ch, CURLOPT_POST, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_POSTFIELDS, array( 'resource' => $resource, 'client_id' => $clientId, 'client_secret' => $clientSecret, 'grant_type' => 'client_credentials' )); $data = curl_exec($ch); curl_close($ch); $data_obj = json_decode($data); $access_token = $data_obj->{"access_token"}; $headers = array( "Content-Type: application/json", "Authorization: Bearer $access_token" ); $url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken"; #$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports"; $post_params = array( 'accessLevel' => 'View' ); $payload = json_encode($post_params); $ch2 = curl_init( $url ); curl_setopt( $ch2, CURLINFO_HEADER_OUT, true); curl_setopt( $ch2, CURLOPT_POSTFIELDS, $payload); curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers ); curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true); curl_setopt( $ch2, CURLOPT_FAILONERROR, true); $response = curl_exec( $ch2 ); if (curl_errno($ch2)) { $error_msg = curl_error($ch2); } echo $response; curl_close($ch2); if (isset($error_msg)) { echo $error_msg; } ?>