Check your eligibility for this 50% exam voucher offer and join us for free live learning sessions to get prepared for Exam DP-700.
Get StartedDon't miss out! 2025 Microsoft Fabric Community Conference, March 31 - April 2, Las Vegas, Nevada. Use code MSCUST for a $150 discount. Prices go up February 11th. Register now.
Hello
I am trying to implement Row Level Security (RLS) with Power BI Embedded (App Owns Data). I have tried watching a video from Guy In A Cube and reading the following documentation:
https://www.youtube.com/watch?v=yNF-_l2f7w0
https://docs.microsoft.com/en-us/power-bi/developer/embedded/embedded-row-level-security
When using the sample program from Guy In A Cube (https://github.com/guyinacube/Embed-API-Sample/tree/master/EmbedAPISample) to generate embed tokens i get the following error:
Microsoft.Rest.HttpOperationException: Operation returned an invalid status code 'Forbidden'
at Microsoft.PowerBI.Api.ReportsOperations.<GenerateTokenInGroupWithHttpMessagesAsync>d__32.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.PowerBI.Api.ReportsOperationsExtensions.<GenerateTokenInGroupAsync>d__87.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.PowerBI.Api.ReportsOperationsExtensions.GenerateTokenInGroup(IReportsOperations operations, Guid groupId, Guid reportId, GenerateTokenRequest requestParameters)
at EmbedAPISample.Program.Main(String[] args) in C:\Embed-API-Sample-master\Embed-API-Sample-master\EmbedAPISample\Program.cs:line 60
I have two Power BI reports hosted in a "Premium per Capacity" licensed workspace ("new workspace") - one report with RLS and roles and one without. I the same (very similar) error for both reports (setting the useRLS variable to false for the report without RLS).
I am using a service principal (Azure AD app) and have inputed/edited the following in the sample program:
My application have access to the following APIs:
Any ideas as to what might cause the error?
Hi @differHelp ,
Usually Forbidden error indicates the registered app doesn't have suffiecient permission, please check premissions in
azure portal. For other issues, to have a better troubleshooting, please add try..catch block to get more detailed error information.
Best Regards,
Liang
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
Check out the January 2025 Power BI update to learn about new features in Reporting, Modeling, and Data Connectivity.
User | Count |
---|---|
9 | |
1 | |
1 | |
1 | |
1 |
User | Count |
---|---|
11 | |
3 | |
2 | |
2 | |
2 |