Power BI is turning 10! Tune in for a special live episode on July 24 with behind-the-scenes stories, product evolution highlights, and a sneak peek at what’s in store for the future.
Save the dateEnhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.
Hi,
i've got an on premise SSAS instance which is configured in powerbi using gateway, configuration is proper as report using dataset from SSAS works from app.powebi and even from embedded report if token is requested using username/password flow.
From security reasons our client demand was to introduce service principal, it is turned on, set as admin on workspace, i've added 'ReadOverrideEffectiveIdentity' to service principle using powerbi dataset api.
Currently when i request embedd token using clientSecret (service principal) it requires EffectiveIdentity to be passed (which was not passed before in this path).
I;ve tested two different approaches:
-passed EffectiveIdentity with identifier = ServicePrincipalObjectId
* i can see in developer tools that https://wabi-north-europe-redirect.analysis.windows.net/powerbi/metadata/models/5330774/?modelOption...
returned 401
-passed currently logged userId (this is normally passed for other datasets pointing directly to database):
*report is embedded but when it's loadingvisuals i get 401 and i can see that 'https://wabi-north-europe- redirect.analysis.windows.net/explore/querydata'
returned "{"error":{"code":"RLSNotAuthorizedForImpersonation","pbi.error":{"code":"RLSNotAuthorizedForImpersonation","parameters":{},"details":[],"exceptionCulprit":1}}}"
Do you have any ideas what should i check next and what is wrong?
I've based my work mostly on:
https://prologika.com/power-bi-embedded-service-principals-and-ssas/
Thanks in advance