Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Level up your Power BI skills this month - build one visual each week and tell better stories with data! Get started

Reply
syedaliammar
Frequent Visitor

403 Forbidden error when creating Dataset using REST API

‎08-23-2016 04:50 AM

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?

Labels:
Message 1 of 3
1,860 Views
0
2 REPLIES 2
Eric_Zhang
Microsoft Employee
Microsoft Employee

‎08-24-2016 02:14 AM

@syedaliammar

 

@syedaliammar wrote:

Hi,

I have an ASP.NET web app that would push data to a PowerBI real-time dashboard. Following the steps of "Push data into dashboard", I registered my web-app and got a client id and secret.

The following code gets me the token:

AuthenticationContext authContext = new AuthenticationContext(authorityUri);
ClientCredential cc = new ClientCredential(clientID, clientSecret);
Task<AuthenticationResult> task = authContext.AcquireTokenAsync(resourceUri, cc);
AuthenticationResult ar = task.Result;
string token = ar.AccessToken;

I use this since I do not want an interactive logon. The web-app will just keep pushing data to the dashboard every time it has something new. The token is successfully received and is then used to create a dataset.

 

The server responds with a 403 Forbidden error message. The only reason that comes to my mind is that it might be because I have two Active Directories. My web-app is in AAD 1 (the corporate AAD) while the dev.powerbi.com/apps page registers the application to AAD 2.

I unfortunately do not have access to add applications to AAD1 and hence must wait for the admin to respond.

 

My question: Have I correctly identified the root cause of the problem or is it something else that I might have completely left out?

@syedaliammar

 

I got confused by the bold part, isn't the web-app regisitered  on the dev.powerbi.com/apps? if the same thing, how come two AAD invloved in this case?

Message 2 of 3
1,829 Views
0
syedaliammar
Frequent Visitor
In response to Eric_Zhang

‎08-24-2016 08:24 AM

@Eric_Zhang Honestly, I am also a bit confused here. Let me try to provide you further details that might help you identify the problem.

I have a corporate Azure account (ending with "...onmicrosoft.com") that I use for PowerBI as well as the Azure Portal. The portal shows me two directories when I login, AD1 and AD2.

 

All work is done in the company's globally managed Azure AD1 and this is where the web-app also exists. Following the steps, I then added this web-app to the Azure AD by going to https://dev.powerbi.com/apps, logging in with my onmicrosoft.com account, filling the details in and clicking on the "Register App" button.

 

However, this registers the web-app in AD2. My concerns here:

  1. Is it because AD1 is managed by global admins and I don't have permissions to add apps to it?
  2. I can see it listed in the list of applications under AD2. How did it choose AD2 and not AD1 when I clicked the Register App button?

Moving on, I attempted to create the dataset using the snippet provided here with the token received and failed by getting the 403 Forbidden error response.

 

If I Create a dataset using Apiary, it is created without any problems which is again confusing to me. Do I need to authenticate the web-app first and then use the following?

AuthenticationResult AR = AC.AcquireTokenByAuthorizationCode(code, new Uri(redirectUri), cc);

I'd really appreciate any help you could provide. 

Message 3 of 3
1,821 Views
0

Helpful resources

Announcements
April Power BI Update Carousel

Power BI Monthly Update - April 2026

Check out the April 2026 Power BI update to learn about new features.

Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All