topic Re: REST API Silent Authentication (Token) in Developer

REST API Silent Authentication (Token)

visure — Sun, 09 Apr 2017 00:07:25 GMT

Hi guys,

I was following the steps in this topic:
Http://community.powerbi.com/t5/Developer/How-to-use-Power-BI-Rest-API-without-GUI-authentication-redirect/m-p/6030/highlight/true#

To perform the same operations in PHP however I am having some difficulty playing in php,

- I created an an App at https://dev.powerbi.com/apps as NativeApp
- I gave all the permissions
- I got my client_id

Basically I'm making a request (post) on:
https://login.windows.net/common/oauth2/token

With the parameters:
grant_type = password
scope = openid
resource = https: //analysis.windows.net/powerbi/api
client_id = MY_CLIENT_IS
username = MY_USER_NAME
password = MY_PASSWORD

But I always get:
AADSTS65001: The user or administrator has not consented to use the application with ID 'CLIENT_ID'. Send an interactive authorization request for this user and resource. Trace ID: f9380076-1990-4d5d-b615-925a47121100

What's wrong?

Note: I don't use Azure Management Portal

Re: REST API Silent Authentication (Token)

Eric_Zhang — Fri, 14 Apr 2017 06:52:25 GMT

@visure

That is a more AAD related issue.

Check similar threads

http://stackoverflow.com/questions/34775287/oauth2-with-azure-ad-not-getting-user-consent

http://stackoverflow.com/questions/40109711/the-user-or-administrator-has-not-consented-to-use-the-application-send-an-int

For better response, I'd suggest you post in AAD forum.

Re: REST API Silent Authentication (Token)

visure — Fri, 14 Apr 2017 07:06:11 GMT

Thanks @Eric_Zhang, I already solved it,

Just read a little more how the authentication flow works 🙂

Re: REST API Silent Authentication (Token)

Eric_Zhang — Fri, 14 Apr 2017 08:34:13 GMT

@visure wrote:

Thanks @Eric_Zhang, I already solved it,

Just read a little more how the authentication flow works 🙂

@visure

Could you share the solution?

Re: REST API Silent Authentication (Token)

visure — Fri, 14 Apr 2017 08:54:53 GMT

@Eric_Zhang

Of course,

When I calmly read the message "The user or administrator has not consented to use the application" I started to ask myself "where could I consent the permissions", the quick response came "Azure AD".

I started to search how the Azure AD permissions system works and I found this link:
Https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications

After reading it I conclude: I created the application through PowerBI (http://dev.powerbi.com/apps) which generated an application in Azure AD (http://portal.azure.com), so I still had to delegate the application permissions - my user was also the account administrator so I just needed to grant the permissions.

Steps:

Create app on PowerBI > Go to Azure Portal > Find Azure Active Directory > Find the Application > Grant Permissions

Any questions are welcome.

Re: REST API Silent Authentication (Token)

Janavarsha — Sat, 15 Jul 2017 04:39:17 GMT

I want power bi authenication code in java.can please give some codes.

Re: REST API Silent Authentication (Token)

Valtyr — Wed, 23 Aug 2017 13:21:43 GMT

Thanks, that did the trick for me.

Re: REST API Silent Authentication (Token)

msplants — Sat, 11 Nov 2017 00:18:36 GMT

I was getting this same error in a native application using ADAL trying to access the PowerBI REST API. I had given all of the correct permissions in AAD as discussed in previous solutions, but had already received a token from a previous signin (before I gave the PowerBI Service permissions in AAD). My issue was that the previous token was stale and did not contain the updated claims. For me, the solution was to use PromptBehavior.RefreshSession as per the code below.

AuthenticationResult result = await authenticationContext.AcquireTokenAsync(resourceId, clientId, redirectURI, new PlatformParameters(PromptBehavior.RefreshSession, false));

As per MSDN, PromptBehavior.RefreshSession "Re-authorizes (through displaying webview) the resource usage, making sure that the resulting access token contains updated claims. If user logon cookies are available, the user will not be asked for credentials again and the logon dialog will dismiss automatically."

Re: REST API Silent Authentication (Token)

dharamgoyal — Fri, 22 Dec 2017 06:47:50 GMT

Hi @visure,

Doing same but still getting error:

AADSTS65001: The user or administrator has not consented to use the application with ID 'xxxxxxxxxxxxxxxxxx' named 'LSNTestAPP'. Send an interactive authorization request for this user and resource.\r\nTrace ID: 19f4be86-94db-45ad-961a-46a570ad4300\r\nCorrelation ID: 99c5058f-177a-459b-9509-def5865d5fcf\r\nTimestamp: 2017-12-22 06:43:15Z

It's error coming while login with power bi user credentials but when use azure port admin credentials then it's work so please let me know what i am missing to authenticate powerbi user to get access token.

I have spend lot of time on it please help me out to resove this isssue.

I hope for your quick response!

Re: REST API Silent Authentication (Token)

Ludia — Fri, 06 Apr 2018 01:17:41 GMT

Hello Visure,

Steps:

Create app on PowerBI > Go to Azure Portal > Find Azure Active Directory > Find the Application > Grant Permissions

Thanks a lot for your sharing and based on your steps, i couldn't find the Application before granting permissions? Could you kindly show the steps for "Create app on Power BI"?

Many thanks

Ludia

Re: REST API Silent Authentication (Token)

visure — Fri, 06 Apr 2018 03:01:53 GMT

Hey Ludia,

Just go to: https://dev.powerbi.com/apps and create your application

Hope this helps

Re: REST API Silent Authentication (Token)

human239874 — Wed, 18 Apr 2018 16:37:46 GMT

Your clear and concise instructions really helped me out. I would have never figured out I had to go into portal.azure.com to enable the PowerBI permissions. I was thinking that Power BI was completely separate. Thanks a bunch for taking the time to post your solution!

Re: REST API Silent Authentication (Token)

ZappySys — Wed, 18 Jul 2018 13:47:37 GMT

Please look at below blog post see it helps.

https://zappysys.com/blog/howto-import-json-rest-api-power-bi/

Using ZappySys ODBC API drivers you can import any REST API.

Check below example how to use OAuth connection in ZappySys ODBC driver. You can select Custom Provider + OAuth 2.0 Version. Select Scope, Grant Type (i.e. Password Grant), Client ID, Userid, password.

You can also supply non-standard OAuth attributes on Advanced Tab (e.g. resource=http://your-resource-url)

ZappySys Driver - OAuth Configuration (Grant Type, Scope, Auth URL)

ZappySys ODBC JSON Driver - Configure REST API callZappySys ODBC JSON Driver - SQL Query Preview (Read from JSON / XML / CSV File or REST API

Re: REST API Silent Authentication (Token)

Ludia — Wed, 18 Jul 2018 20:48:25 GMT

@visure

Thanks a lot for your great help, my problem was solved

Re: REST API Silent Authentication (Token)

visure — Wed, 18 Jul 2018 20:49:52 GMT

@Ludia

You are welcome

Re: REST API Silent Authentication (Token)

visure — Wed, 18 Jul 2018 20:51:17 GMT

@ZappySys I do not think it's the case of promoting a product on an important integration issue.