Microsoft Fabric Community Conference 2025, March 31 - April 2, Las Vegas, Nevada. Use code MSCUST for a $150 discount.
Register nowThe Power BI DataViz World Championships are on! With four chances to enter, you could win a spot in the LIVE Grand Finale in Las Vegas. Show off your skills.
So far, it seems like authentication can be either done using the app owns data method (service principal or master user approach), or user owns data approach (user individually authenticates/logs in). I keep running into issues getting the correct power bi API permissions given to me to implement these approaches by my security department in a government setting. I am trying not to use the user owns data approach because we are trying to embed in a seamless way, with no user interaction required to view Power BI content once they are signed into our web app. May be a silly question but, are these any other options on getting this to work?
Solved! Go to Solution.
Thanks for the reply from lbendlin , please allow me to provide another insight:
Hi, @ldd123
I share lbendlin 's view that, regarding Power BI embedding methods, App Owns Data (embedded for customers) is indeed the most suitable option for your needs.
1.Here’s the distinction between "Embedding for Your Customers" and "Embedding for Your Organisation":
"Embedding for Your Customers" eliminates the need for Power BI account authentication, making it more aligned with your requirements. This corresponds to what you mentioned about users being able to view Power BI content without further interaction once they log into our web application.
For further details, please refer to the documentation.
2.Regarding the issue of not obtaining the correct Power BI API permissions granted by my security department, this may be due to the Azure app lacking API permissions, insufficient role permissions for the Azure app in the workspace, or unmodified service settings.
If you have configured the Azure app step by step according to the documentation, you can find the relevant section in your Azure app to grant the necessary permissions based on your needs.
Please note that after adding permissions, there is a confirmation step to ensure they are granted:
The role permissions for the Azure app in the workspace should be at least set to Member.
For further details, please refer to the documentation.
Solved: Getting Operation returned an invalid status code ... - Microsoft Fabric Community
3.Below are responses to similar issues you might encounter, and I hope this information is helpful to you:
https://learn.microsoft.com/en-us/power-bi/developer/embedded/embed-service-principal#step-3---enabl...
Solved: How to Auto Login Power BI HTML Static Application - Microsoft Fabric Community
Solved: Power BI REST API, HTTP 401 - Microsoft Fabric Community
Best Regards,
Leroy Lu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Thanks for the reply from lbendlin , please allow me to provide another insight:
Hi, @ldd123
I share lbendlin 's view that, regarding Power BI embedding methods, App Owns Data (embedded for customers) is indeed the most suitable option for your needs.
1.Here’s the distinction between "Embedding for Your Customers" and "Embedding for Your Organisation":
"Embedding for Your Customers" eliminates the need for Power BI account authentication, making it more aligned with your requirements. This corresponds to what you mentioned about users being able to view Power BI content without further interaction once they log into our web application.
For further details, please refer to the documentation.
2.Regarding the issue of not obtaining the correct Power BI API permissions granted by my security department, this may be due to the Azure app lacking API permissions, insufficient role permissions for the Azure app in the workspace, or unmodified service settings.
If you have configured the Azure app step by step according to the documentation, you can find the relevant section in your Azure app to grant the necessary permissions based on your needs.
Please note that after adding permissions, there is a confirmation step to ensure they are granted:
The role permissions for the Azure app in the workspace should be at least set to Member.
For further details, please refer to the documentation.
Solved: Getting Operation returned an invalid status code ... - Microsoft Fabric Community
3.Below are responses to similar issues you might encounter, and I hope this information is helpful to you:
https://learn.microsoft.com/en-us/power-bi/developer/embedded/embed-service-principal#step-3---enabl...
Solved: How to Auto Login Power BI HTML Static Application - Microsoft Fabric Community
Solved: Power BI REST API, HTTP 401 - Microsoft Fabric Community
Best Regards,
Leroy Lu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
"app owns data" seems to be the correct approach for you. What are you struggling with?
User | Count |
---|---|
10 | |
4 | |
4 | |
3 | |
3 |