Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now! Learn more

Reply
Green_Eagle
New Member

ODATA sends unencrypted HTTP request even though the service is HTTPS

‎07-06-2022 12:30 AM

Greeetings.

 

We are attempting to consume an ODATA feed using basic authentication. 

Even though we have configured the HTTPS URL of the service (see figure 1 and figure 2), PowerBI seems to invoke the $metadata service using plain HTTP, and places the basic authentication header in the request (see figure 3), resulting in a possible security issue.

 

Is there any way to force PowerBI to respect HTTPS in all requests?

 

Figure 1: Configuring the ODATA feed

Green_Eagle_0-1657095211103.png

 

 

Figure 2: Configuring credentials

Green_Eagle_1-1657095218491.png

 

 

Figure 3: Output from "sniffer tool"

cap3.png

Labels:
Message 1 of 3
856 Views
2 REPLIES 2
v-jingzhang
Community Support
Community Support

‎07-11-2022 12:07 AM

Hi @Green_Eagle 

 

Based on my test, the basic authentication info "username:password" will be encoded and passed to the Authorization option in headers. If I use an access token to connect to an API, it is also passed to Authorization option. 

 

I'm not sure how to force it to respect HTTPS. Below is an old thread about basic authentication, hope it would be helpful. 

https://community.powerbi.com/t5/Desktop/Odata-feed-URL-basic-authentication/m-p/606088 

 

Best Regards,
Community Support Team _ Jing

Message 2 of 3
788 Views
0
Green_Eagle
New Member
In response to v-jingzhang

‎07-22-2022 08:09 AM

Thanks for your answer @v-jingzhang 

 

Configuring an HTTPS service and having Excel/PowerBI sending messages thru HTTP sounds like a serious security issue...

 

Do you know what would be the proper channel to escalate this issue?

Message 3 of 3
778 Views
0

Helpful resources

Announcements
Power BI DataViz World Championships

Power BI Dataviz World Championships

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now!

November Power BI Update Carousel

Power BI Monthly Update - November 2025

Check out the November 2025 Power BI update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All