Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Compete to become Power BI Data Viz World Champion! First round ends August 18th. Get started.

Reply
estuck1991
Frequent Visitor

Access PowerBi API on a CGG

‎12-31-2024 02:34 PM

Hi All, 

 

I am trying to view reports through API endpoint https://api.high.powerbigov.us/v1.0/myorg/reports.
I have and app registration in azure with a client secret and permissions on api as follows:

estuck1991_0-1735682991266.png

Using the following I get a token from https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token

 

estuck1991_3-1735683419750.png


However when i try to use the token i get X-PowerBI-Error-Info: InvalidToken

estuck1991_2-1735683229901.png

I have set the "Service Principals can use Fabric API's" to a security group and have made sure the azure app registration is in that security group.

Is there something that i am missing in the configuration?

 

 



Labels:
Message 1 of 4
728 Views
0
1 ACCEPTED SOLUTION
Anonymous
Not applicable

‎01-02-2025 11:28 PM

Thanks for the reply from lbendlin , please allow me to provide another insight: 
Hi  @estuck1991 ,

 

If the token generated by the service principal runs the API, the application should not grant any delegated permission, but should grant application permission. For specific permisson configuration needs, please refer to this restriction document:

Token - Generate Token - REST API (Power BI Power BI REST APIs) | Microsoft Learn

 

For the tenant admin setting that needs to be turned on, please refer to this document:

Use service principal profiles to manage customer data in multitenant apps - Power BI | Microsoft Le...

 

Best Regards,

Liu Yang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Message 4 of 4
556 Views
0
3 REPLIES 3
Anonymous
Not applicable

‎01-02-2025 11:28 PM

Thanks for the reply from lbendlin , please allow me to provide another insight: 
Hi  @estuck1991 ,

 

If the token generated by the service principal runs the API, the application should not grant any delegated permission, but should grant application permission. For specific permisson configuration needs, please refer to this restriction document:

Token - Generate Token - REST API (Power BI Power BI REST APIs) | Microsoft Learn

 

For the tenant admin setting that needs to be turned on, please refer to this document:

Use service principal profiles to manage customer data in multitenant apps - Power BI | Microsoft Le...

 

Best Regards,

Liu Yang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 4 of 4
557 Views
0
lbendlin
Super User
Super User

‎12-31-2024 03:55 PM

As I understand it the issue may be with the Delegated scope. Try the app registration again but choose the other, non-delegated option.

Message 2 of 4
694 Views
0
estuck1991
Frequent Visitor
In response to lbendlin

‎01-02-2025 09:28 AM

I have switched to the only 2 API permissions for the Application Permissions on Microsoft Power BI Government Community Cloud.
estuck1991_0-1735838641838.png

However still getting 403 forbidden with invalidtoken

 

Message 3 of 4
615 Views
0

Helpful resources

Announcements
July 2025 community update carousel

Fabric Community Update - July 2025

Find out what's new and trending in the Fabric community.

July PBI25 Carousel

Power BI Monthly Update - July 2025

Check out the July 2025 Power BI update to learn about new features.

View All