cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
syedaliammar
Frequent Visitor

403 Forbidden error when creating Dataset using REST API

‎08-23-2016 04:50 AM

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?

Labels:
Message 1 of 3
1,104 Views
0
2 REPLIES 2
Eric_Zhang
Microsoft
Microsoft

‎08-24-2016 02:14 AM

@syedaliammar

 

@syedaliammar wrote:

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?

@syedaliammar

 

I got confused by the bold part, isn't the web-app regisitered  on the dev.powerbi.com/apps? if the same thing, how come two AAD invloved in this case?

Message 2 of 3
1,073 Views
0
syedaliammar
Frequent Visitor
In response to Eric_Zhang

‎08-24-2016 08:24 AM

@Eric_Zhang Honestly, I am also a bit confused here. Let me try to provide you further details that might help you identify the problem.

I have a corporate Azure account (ending with "...onmicrosoft.com") that I use for PowerBI as well as the Azure Portal. The portal shows me two directories when I login, AD1 and AD2.

 

All work is done in the company's globally managed Azure AD1 and this is where the web-app also exists. Following the steps, I then added this web-app to the Azure AD by going to https://dev.powerbi.com/apps, logging in with my onmicrosoft.com account, filling the details in and clicking on the "Register App" button.

 

However, this registers the web-app in AD2. My concerns here:

  1. Is it because AD1 is managed by global admins and I don't have permissions to add apps to it?
  2. I can see it listed in the list of applications under AD2. How did it choose AD2 and not AD1 when I clicked the Register App button?

Moving on, I attempted to create the dataset using the snippet provided here with the token received and failed by getting the 403 Forbidden error response.

 

If I Create a dataset using Apiary, it is created without any problems which is again confusing to me. Do I need to authenticate the web-app first and then use the following?

AuthenticationResult AR = AC.AcquireTokenByAuthorizationCode(code, new Uri(redirectUri), cc);

I'd really appreciate any help you could provide. 

Message 3 of 3
1,065 Views
0

Helpful resources

Announcements
PBI Sept Update Carousel

Power BI September 2023 Update

Take a look at the September 2023 Power BI update to learn more.

Learn Live

Learn Live: Event Series

Join Microsoft Reactor and learn from developers.

Dashboard in a day with date

Exclusive opportunity for Women!

Join us for a free, hands-on Microsoft workshop led by women trainers for women where you will learn how to build a Dashboard in a Day!

MPPC 2023 PBI Carousel

Power Platform Conference-Power BI and Fabric Sessions

Join us Oct 1 - 6 in Las Vegas for the Microsoft Power Platform Conference.

View All
Top Kudoed Authors
View All