Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
Anonymous
Not applicable

Embedded tool authentication error

I'm using the Power BI onboarding Embed tool (https://app.powerbi.com/embedsetup/appownsdata) and the sample code.  When I try to access the Power BI report I get the message below (Unauthorized 401).  The user credentials used in the code is an Admin of the Workspace.  I have removed mutli-factor authentifcation from the user.  Any ideas how to resolve this? Thank you.

Error

            Status: Unauthorized (401)
Response: 
RequestId: 7ba996d8-5b40-4103-9676-c150d5e8e959
        

 

11 REPLIES 11
Anonymous
Not applicable

Hi @Jayendran .

 

Thank you for the suggestions.

 

I have tried registering the app and I get the following message.  I have tried adding the parameter client secret under the line for key applicationID.  I've tried adding it as key client_secret, clientsecret and applicationSecret but all return the same error.

 

Error

            AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Trace ID: 56de3d8b-110a-4e47-94b8-bbccf5f18d00
Correlation ID: 65111496-fb4b-4a3a-be60-178baebf5775
Timestamp: 2019-11-19 09:33:07Z

 

 

The App is registered to have access to every Power BI API permission.

Hi @Anonymous ,

 

Ah you don't need a client secret since this is a Native app. 

 

Please see my answer below in Stackoverflow to convert your application into native app

 

https://stackoverflow.com/a/57274706

Anonymous
Not applicable

I have changed the client type to the setting Treat application as a publice client (Yes) and the follow error shows.  Thanks.

Error

            AADSTS65001: The user or administrator has not consented to use the application with ID 'a3bac064-6935-4003-847f-47bf0f8d9989' named 'Power BI Test 5'. Send an interactive authorization request for this user and resource.
Trace ID: b7704ba0-781b-4b29-a962-0591a6cc7600
Correlation ID: 9a83f383-90ad-42a2-90ab-6d90425c4f7e
Timestamp: 2019-11-19 10:02:25Z
        

 

Hi @Anonymous ,

 

You are almost in the final stage ,

 

permissions

 

You need to be a global admin to provide the consent, you can grant the admin cosnent by the above image

 

Please don't forget to give kudo's or Thumbup for the replay which you got useful.

Anonymous
Not applicable

Capture.PNG

 

Is it the 'Grant admin conset for Allvotec' that I need to select in this screen shot?  I guess that means I need my permissions upped to global admin?  Thank you.

 

 

Hi @Anonymous ,

 

Yes from the screenshot currently you are not the global admin . So you need to add global admin access to your account or you need the help from anyone in your organization who is already having the global admin. can give you the consent.

Anonymous
Not applicable

@Jayendran, I finally managed to get an Admin to grant consent. Unfortunately, I'm getting the error:

 

Error Status: Unauthorized (401) Response: RequestId: 6336bc11-f5fd-4c25-a490-319ff32748eb

Hi @Anonymous 

Pls check whether the user account is the Admin of the workspace. 

 

401 means usually you don't have permission to the workspace.

 

Possbile solution would be 

  • Check your user account is the Admin of the workspace
  • Verify that you are passing the workspace id correctly
Anonymous
Not applicable

@Jayendran @, you were right, somehow the workspace id was incorrect! It now works in debugging!

 

Unfortunately, I get the following error when accessing the deployed app url. I find this confusing as multi-factor authentication has been disabled.

 

Error AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000009-0000-0000-c000-000000000000'. Trace ID: 15de7ba9-f724-48ff-93da-4edae887d000 Correlation ID: c7084201-99cc-4b61-80c9-ebd9232c7c0a Timestamp: 2019-11-29 14:14:16Z

Hi @Anonymous ,

 

Somehow you have a policy in your Azure Active Directory which doesn't allow a user login without a MFA. Please contact your Azure Active Directory team and check them with this error.

 

Meanwhile I'd recommedn you to use a Service Principal(SPN) Approach rather than master account approach. Beacuse SPN is the best approach going forward.

 

Reference for SPN:

https://docs.microsoft.com/en-us/power-bi/developer/embed-service-principal

 

Helpful resources

Announcements
Sept PBI Carousel

Power BI Monthly Update - September 2024

Check out the September 2024 Power BI update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

Sept NL Carousel

Fabric Community Update - September 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors