Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
dpm
Frequent Visitor

403 error on API calls with Power BI REST API

‎08-14-2020 03:45 AM

Hi, I've already seen a couple of posts about this topic but none of the proposed solutions seem to solve the issue for me. 

 

Whenever I make a call to https://api.powerbi.com/v1.0/myorg/reports I get a 403 error even though it works on the "Try it" page in the documentation (https://docs.microsoft.com/en-us/rest/api/power-bi/reports/getreports#code-try-0).

 

Results in postman:

Naamloos.png

 

My code for receiving the access token:

Naamloos3.png

 

Configured permissions in azure

Naamloos4.png

 

Any help regarding this issue would be greatly appreciated 🙂

Labels:
Message 1 of 4
2,570 Views
0
3 REPLIES 3
MattCalderwood
Responsive Resident
Responsive Resident

‎08-14-2020 06:44 AM

Hi @dpm 

I am not familiar with the generic-provider object that you have used in your code examples... but one thing does look like it might be missing.

 

I am guessing that the 403 (Forbidden) rather than a 401 (Unauthorized) is due to your token being genuine, but you might be missing the target Resource URI that you want to access with your token.

 

For the Power BI Rest API you will need to supply https://analysis.windows.net/powerbi/api as a Resource URI.
You can see this in use, within the C# auth example -> ClientID + Secret (Service Principal access)  https://docs.microsoft.com/en-us/power-bi/developer/embedded/get-azuread-access-token#access-token-w...

 

Service Principal access works differently to the standard user access - which is why you will be seeing different results in the 'Try It' part of the REST API documentation.


Hope this helps,
Cheers, Matt

Message 2 of 4
2,532 Views
0
dpm
Frequent Visitor
In response to MattCalderwood

‎08-14-2020 08:20 AM

Thanks for the response!

 

This is the GenericProvider:

https://github.com/thephpleague/oauth2-client/blob/master/src/Provider/GenericProvider.php

 

Are you sure the Resource URI is necessary? It's not used in the "user owns data" example so it's a bit confusing to me

Message 3 of 4
2,520 Views
0
MattCalderwood
Responsive Resident
Responsive Resident
In response to dpm

‎08-14-2020 08:54 AM

Which method are you trying to use? App Owns Data or User Owns Data?

From the authentication perspective these are 2 very different methods.
If you are doing the App Owns Data (using a master password or service principal account in Azure), then you need to specify the target resource that you are going to use the token with. (the resource uri).

User Owns Data is different in that you would typically have a token from a users' logged in session - and use this when making API or embedding requests. The API/Service then authenticates against this token using the users' details.

Looking at the library you are using... it looks as though it is designed for authenticating users against a 3rd party login (Facebook, Google, etc..) so I am not 100% sure if this is up to the job of fetching the correct tokens from Azure for the app owns data scenario. (Note: I dont code in php).

I found this post that might help: https://www.msbiblog.com/2018/01/12/power-bi-embedded-example-using-curl-and-php/
It shows an example for using a users credentials for accessing the REST API (notice the reference to the resource uri).

This might be usable for both the App Owns Data and User Owns Data - but the latter is probably only going to work with a master password scenario - some details on the differences between master password and service principal are here:  https://docs.microsoft.com/en-us/power-bi/developer/embedded/embed-sample-for-customers#power-bi-use...

if you can share more details about the method you are using (App/User) then I can try and find an example that works for you.

Message 4 of 4
2,512 Views

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.

View All