topic Re: Problems with "Unauthorized" requests when embedding reports in Developer

Problems with "Unauthorized" requests when embedding reports

peterhvogel — Fri, 20 Sep 2024 18:54:38 GMT

I obviously don't understand what's going on with embedding Power BI reports, at least in a trial account.

I have one working embedded report: App Registration, Permissions (granted admin consent), Principal added to security group, security group added to Power BI workspace. Worked the first time I run my app.

But I had granted every permission that I thought might possibly be required to embed a report. I wanted, to see what permissions were actually required, so I started stripping down the list. Here's my first problem: I can strip out, literally, every permission except the base permission for Graph...and it still works (even deleted the permissions from the "used to be used list" at the bottom of the page.

I then created another App Registration and -- honest to gosh -- it's a duplicate of my first registration with all the permissions. and its service principal is assigned to the same security group as the first registration. Except it doesn't work.

I'm beginning to think that, in a Trial Power BI account, you get to have one registration. Once that registration is used successfully, some flag is set so that changes to the registration make no difference.

Does any one have some insights here that will help me understand what's going on?

Re: Problems with "Unauthorized" requests when embedding reports

Anonymous — Mon, 23 Sep 2024 03:03:18 GMT

Hi @peterhvogel ,

According to your statement, I think you are using service principal as authentication method when you embed for customer.

As far as I know, we don't need to grant permission when we choose service principal as authenctication method, we just need to add it into a security group, turn on the permission in Tenant Setting in Power BI Service and add it as a member in workspace.

You may refer to this blog to learn more details.

Best Regards,
Rico Zhou

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Re: Problems with "Unauthorized" requests when embedding reports

peterhvogel — Mon, 23 Sep 2024 07:17:43 GMT

I was coming around to the conclusion that "embed for customers" doesn't require any permissions (I was seduced by the wizard at https://app.powerbi.com/embedsetup where, as I remember, even for "embed for customer" you're asked for permissions (and, I believe, the walkthroughs and the old 'Power BI Developer in a Day' course all had you grant permissions). But my testing seemed to be showing that no permissions are required at all.

All the other problems I was having was because I was being stupid.