Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.

Reply
ian_coetzer
Frequent Visitor

Embedding Report in Web Application, Authentication Error

‎02-11-2022 06:01 AM

Hi

I am struggling to embed a power bi report into a web application.

I created an Azure App and granted the Power BI Service authentication but still receiving error.

 

This is the error that appears in developer tools in the web browser: and then the steps i took:

 

blazor.server.js:19

[2022-02-11T13:49:10.049Z] Error: Microsoft.Rest.HttpOperationException: Operation returned an invalid status code 'Unauthorized'
at Microsoft.PowerBI.Api.ReportsOperations.GetReportInGroupWithHttpMessagesAsync(Guid groupId, Guid reportId, Dictionary`2 customHeaders, CancellationToken cancellationToken)
at Microsoft.PowerBI.Api.ReportsOperationsExtensions.GetReportInGroupAsync(IReportsOperations operations, Guid groupId, Guid reportId, CancellationToken cancellationToken)
at BlazorPowerBIEmbed.Pages.Index.OnAfterRenderAsync(Boolean firstRender) in C:\Users\ic\Desktop\Sandbox\BlazorPowerBIEmbed\BlazorPowerBIEmbed\Pages\Index.razor:line 55
at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle)

 

 

Simple, Blazor Service Side App

 

_Host.cshtml

 

<script src="js/powerbi.min.js"></script>

<script>
window.ShowMyPowerBI = {
showReport: function (reportContainer, accessToken, embedUrl, embedReportId) {
// Get models. models contains enums that can be used.
var models = window['powerbi-client'].models;
var config = {
type: 'report',
tokenType: models.TokenType.Embed,
accessToken: accessToken,
embedUrl: embedUrl,
id: embedReportId,
permissions: models.Permissions.All,
settings: {
filterPaneEnabled: true,
navContentPaneEnabled: true
}
};
// Embed the report and display it within the div container.
powerbi.embed(reportContainer, config);
},
};
</script>

 

PowerBI.razor

 

@page "/PowerBI"
@using System.Net.Http
@using System.Threading.Tasks
@using Microsoft.Identity.Client
@using Microsoft.PowerBI.Api
@using Microsoft.PowerBI.Api.Models
@using Microsoft.Rest
@using Newtonsoft.Json.Linq
@using Microsoft.Extensions.Configuration
@using Microsoft.JSInterop

@inject IJSRuntime JSRuntime
@inject IConfiguration _configuration

<h3>PowerBI Embedded</h3>

<div @ref="@PowerBIElement" style="width:100%;height:600px;max-width: 2000px" />


@code {
private ElementReference PowerBIElement;
string TenantID = "asdf";
string ClientID = "asdf";

string ClientSecret = "asdf";
string workspaceId = "asdf";
string reportId = "asdf";
protected override async Task
OnAfterRenderAsync(bool firstRender)
{
if (firstRender)
{
var result = new PowerBIEmbedConfig();
// Authenticate using created credentials

AuthenticationResult authenticationResult = null;
authenticationResult = await DoAuthentication();
var tokenCredentials =
new TokenCredentials(authenticationResult.AccessToken, "Bearer");
using (var client = new PowerBIClient(
new Uri("https://api.powerbi.com/"), tokenCredentials))
{
var report =
await client.Reports.GetReportInGroupAsync(
new Guid(workspaceId),
new Guid(reportId));
var generateTokenRequestParameters =
new GenerateTokenRequest(accessLevel: "view");
var tokenResponse =
await client.Reports.GenerateTokenAsync(
new Guid(workspaceId),
new Guid(reportId),
generateTokenRequestParameters);
result.EmbedToken = tokenResponse;
result.EmbedUrl = report.EmbedUrl;
result.Id = report.Id.ToString();
await Interop.CreateReport(
JSRuntime,
PowerBIElement,
tokenResponse.Token,
report.EmbedUrl,
report.Id.ToString());
}
}
}
private const string AuthorityFormat = "https://login.microsoftonline.com/{0}/v2.0";
private const string MSGraphScope = "https://analysis.windows.net/powerbi/api/.default";
private async Task<AuthenticationResult>
DoAuthentication()
{
IConfidentialClientApplication daemonClient;
daemonClient = ConfidentialClientApplicationBuilder.Create(ClientID)
.WithAuthority(string.Format(AuthorityFormat, TenantID))
.WithClientSecret(ClientSecret)
.Build();
AuthenticationResult authResult =
await daemonClient.AcquireTokenForClient(new[] { MSGraphScope }).ExecuteAsync();
return authResult;
}
}

 

 

 

 

 

Labels:
Message 1 of 4
2,156 Views
0
1 ACCEPTED SOLUTION
ian_coetzer
Frequent Visitor

‎02-14-2022 02:13 AM

Hi, I managed to get it working by including the Azure App ID that I registred as a Member in the actual Power BI workspace.

View solution in original post

Message 3 of 4
2,062 Views
3 REPLIES 3
ian_coetzer
Frequent Visitor

‎02-14-2022 02:13 AM

Hi, I managed to get it working by including the Azure App ID that I registred as a Member in the actual Power BI workspace.

Message 3 of 4
2,063 Views
Anonymous
Not applicable
In response to ian_coetzer

‎02-15-2022 12:01 AM

Hi @ian_coetzer ,

It's glad to hear that you got it worked. And thanks for sharing your solution here. Could you please just mark your post as Answered? It will help the others in the community find the solution easily if they face the same problem with you. Thank you.

Best Regards

Message 4 of 4
2,035 Views
0
Anonymous
Not applicable

‎02-14-2022 01:59 AM

Hi @ian_coetzer ,

Based on the error message, it appears to be a permissions issue. Are you using embedded for customer solution? There are two threads here with the same problem as yours, you can refer to the solution there to solve your problem. Hope they can help you.

Unauthorized response on GetReportInGroupAsync PowerBI Embedded API call using Service Principal

For Service Principal to work for any embedding, you need to enable Service Principal option in Power BI Admin portal and then, add it to the Power BI workspace.

Please check the following once:

  1. Check if service principal is enabled under Admin portal in Power BI service. Follow step 3 onwards
  2. If things don't work for you after following the above step, try embedding with the developer sample

Besides, based on your code it looks like you are using ADAL library for authentication. Microsoft recommends to use MSAL library for authentication with Azure AD entities.
Also, you can use certificate instead of app secret for service principal authentication. (Docs)

Status: Unauthorized (401) error while getting the reports from the workspace

I had exact the same issue, and I checked the API call's header X-PowerBI-Error-Info. What I found there was: ServicePrincipalIsNotAllowedByTenantAdminSwitch.

So, your's tenant's admin should switch on "Allow service principals to use Power BI APIs" and apply it to security group where Service Principal resides:

yingyinr_0-1644832599826.png

Best Regards

Message 2 of 4
2,067 Views
0

Helpful resources

Announcements
July 2025 community update carousel

Fabric Community Update - July 2025

Find out what's new and trending in the Fabric community.

July PBI25 Carousel

Power BI Monthly Update - July 2025

Check out the July 2025 Power BI update to learn about new features.

View All