Solved: PHP, Curl to get embed token via API GenerateToken...

wingmanzz · ‎10-14-2020

Hi all,

This snippet of code:

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLOPT_POST, true);
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POST, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

Authenticates properly (getting us an access token), then attempts call GenerateToken using that access token. It authenticates fine, but ALWAYS returns 404. I know the reports are there, and that the ids are correct because we can interrogate the reports using this snippet (and the same authtoken):

$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$headers = array(
   "Content-Type: application/json",
   "Authorization: Bearer $access_token"
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLOPT_POST, true);
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

and get back the proper looking JSON for all the reports in the workspace in question. So we know the auth works, we know the accesstoken has access to the workspace--why am I getting a 404 back? Ive double and triple checked the ids against the JSON returned by the reports list API. Totally stumped.

wingmanzz · ‎10-21-2020

So we dug into this a little bit more and were able to debug it..it was an error in the curl_setopts. posting fixed code here, in case anyone runs across this issue.

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POSTFIELDS, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

View solution in original post

PhilipTreacy · ‎10-15-2020

Hi @wingmanzz

Of course you shouldn't get a 404 if the resource was found so that's odd.

Once you've got a valid access token you can try using Postman to issue the GenerateToken request and see what is happening.

https://www.postman.com/

Phil

Did I answer your question? Then please mark my post as the solution.
If I helped you, click on the Thumbs Up to give Kudos.

Blog :: YouTube Channel :: Connect on Linkedin

Proud to be a Super User!

wingmanzz · ‎10-21-2020

So we dug into this a little bit more and were able to debug it..it was an error in the curl_setopts. posting fixed code here, in case anyone runs across this issue.

<?php
/* Get token using a POST request */

$clientId = 'xxx';
$clientSecret = 'xxx';
$tenantId = 'xxxx';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = 'xxx';
$report ='xxx';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer $access_token"
);


$url = "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/$report/GenerateToken";
#$url ="https://api.powerbi.com/v1.0/myorg/groups/$group/reports";
$post_params = array(
'accessLevel' => 'View'
);

$payload = json_encode($post_params);

$ch2 = curl_init( $url );
curl_setopt( $ch2, CURLINFO_HEADER_OUT, true);
curl_setopt( $ch2, CURLOPT_POSTFIELDS, $payload);
curl_setopt( $ch2, CURLOPT_HTTPHEADER, $headers );
curl_setopt( $ch2, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch2, CURLOPT_FAILONERROR, true);
$response = curl_exec( $ch2 );

if (curl_errno($ch2)) {
    $error_msg = curl_error($ch2);
}
echo $response;
curl_close($ch2);

if (isset($error_msg)) {
    echo $error_msg;
}

?>

PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

Helpful resources

Join us at the Microsoft Fabric Community Conference

Power BI Monthly Update - February 2025

Fabric Community Update - February 2025

Join us at the 2025 Microsoft Fabric Community Conference

PHP, Curl to get embed token via API GenerateToken returns 404 using service principal

Helpful resources

Join us at the Microsoft Fabric Community Conference

Power BI Monthly Update - February 2025

Fabric Community Update - February 2025