Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
syedaliammar
Frequent Visitor

403 Forbidden error when creating Dataset using REST API

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?

2 REPLIES 2
Eric_Zhang
Microsoft Employee
Microsoft Employee

@syedaliammar

 


@syedaliammar wrote:

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?


@syedaliammar

 

I got confused by the bold part, isn't the web-app regisitered  on the dev.powerbi.com/apps? if the same thing, how come two AAD invloved in this case?

@Eric_Zhang Honestly, I am also a bit confused here. Let me try to provide you further details that might help you identify the problem.

I have a corporate Azure account (ending with "...onmicrosoft.com") that I use for PowerBI as well as the Azure Portal. The portal shows me two directories when I login, AD1 and AD2.

 

All work is done in the company's globally managed Azure AD1 and this is where the web-app also exists. Following the steps, I then added this web-app to the Azure AD by going to https://dev.powerbi.com/apps, logging in with my onmicrosoft.com account, filling the details in and clicking on the "Register App" button.

 

However, this registers the web-app in AD2. My concerns here:

  1. Is it because AD1 is managed by global admins and I don't have permissions to add apps to it?
  2. I can see it listed in the list of applications under AD2. How did it choose AD2 and not AD1 when I clicked the Register App button?

Moving on, I attempted to create the dataset using the snippet provided here with the token received and failed by getting the 403 Forbidden error response.

 

If I Create a dataset using Apiary, it is created without any problems which is again confusing to me. Do I need to authenticate the web-app first and then use the following?

AuthenticationResult AR = AC.AcquireTokenByAuthorizationCode(code, new Uri(redirectUri), cc);

I'd really appreciate any help you could provide. 

Helpful resources

Announcements
July 2024 Power BI Update

Power BI Monthly Update - July 2024

Check out the July 2024 Power BI update to learn about new features.

Top Solution Authors