Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Calling all Data Engineers! Fabric Data Engineer (Exam DP-700) live sessions are back! Starting October 16th. Sign up.

Reply
pkmelee337
New Member

Power BI Rest Api with the ADAL JS library

‎08-09-2017 06:29 AM

Hi,

 

In a web part I am creating (only JS) I am using the javascript ADAL library to authenticate users and retrieve access tokens. I have set up te correct registration in AD, found a report ID, ADAL config is correct with the right enpoint, client ID and I am retrieving the access token with the correct graph resource. So far, so good.

 

Now when I am trying to retrieve an embed report (using the npm powerbi-client package or via jquery post) I am getting the 403 (Forbidden) error. I tried googling stackoverflow and this forum, found some answers and all off them came back to the same solution: "add username and password to your login call".

 

Haven't tried it so far because it is not even possible to add it in the default adal js library (as far as I know), but in an javascript app this will for sure result in an security issue. Where do I store the username and password or does the user have to login every time he accesses the power bi web part?

 

Am I missing something and how do you guys handle this problem?

 

With kind regards,

Henk ter Harmsel

Labels:
Message 1 of 4
3,583 Views
0
1 ACCEPTED SOLUTION
Eric_Zhang
Microsoft Employee
Microsoft Employee

‎08-09-2017 08:20 PM
@pkmelee337 wrote:

Hi,

 

In a web part I am creating (only JS) I am using the javascript ADAL library to authenticate users and retrieve access tokens. I have set up te correct registration in AD, found a report ID, ADAL config is correct with the right enpoint, client ID and I am retrieving the access token with the correct graph resource. So far, so good.

 

Now when I am trying to retrieve an embed report (using the npm powerbi-client package or via jquery post) I am getting the 403 (Forbidden) error. I tried googling stackoverflow and this forum, found some answers and all off them came back to the same solution: "add username and password to your login call".

 

Haven't tried it so far because it is not even possible to add it in the default adal js library (as far as I know), but in an javascript app this will for sure result in an security issue. Where do I store the username and password or does the user have to login every time he accesses the power bi web part?

 

Am I missing something and how do you guys handle this problem?

 

With kind regards,

Henk ter Harmsel

@pkmelee337

Since this is not Azure AD forum, so we may not give you better support for ADAL JS library.

 

However I can still give you my two cents.

At first, please ensure that you've grant sufficient permissions to the registered app.

Secondly, based on my test, username and password are not mandatory. Based on my test, the accesstoken generated from authorization code approach can work to get the reports from Power BI.

You need.

1. send a GET request

https://login.windows.net/common/oauth2/authorize?client_id={client_id}
&response_type=code
&redirect_uri={redirect_uri of your registered app}

2. send a POST request

POST /common/oauth2/token HTTP/1.1
Host: login.windows.net
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 990496e9-1d11-7aa5-faf7-f3dc152e8beb

client_secret={client_secret}&client_id={client_id}&grant_type=authorization_code&resource=https%3A%2F%2Fanalysis.windows.net%2Fpowerbi%2Fapi&redirect_uri={redirect_uri}&code={code from above}

 

View solution in original post

Message 2 of 4
4,667 Views
3 REPLIES 3
Eric_Zhang
Microsoft Employee
Microsoft Employee

‎08-09-2017 08:20 PM
@pkmelee337 wrote:

Hi,

 

In a web part I am creating (only JS) I am using the javascript ADAL library to authenticate users and retrieve access tokens. I have set up te correct registration in AD, found a report ID, ADAL config is correct with the right enpoint, client ID and I am retrieving the access token with the correct graph resource. So far, so good.

 

Now when I am trying to retrieve an embed report (using the npm powerbi-client package or via jquery post) I am getting the 403 (Forbidden) error. I tried googling stackoverflow and this forum, found some answers and all off them came back to the same solution: "add username and password to your login call".

 

Haven't tried it so far because it is not even possible to add it in the default adal js library (as far as I know), but in an javascript app this will for sure result in an security issue. Where do I store the username and password or does the user have to login every time he accesses the power bi web part?

 

Am I missing something and how do you guys handle this problem?

 

With kind regards,

Henk ter Harmsel

@pkmelee337

Since this is not Azure AD forum, so we may not give you better support for ADAL JS library.

 

However I can still give you my two cents.

At first, please ensure that you've grant sufficient permissions to the registered app.

Secondly, based on my test, username and password are not mandatory. Based on my test, the accesstoken generated from authorization code approach can work to get the reports from Power BI.

You need.

1. send a GET request

https://login.windows.net/common/oauth2/authorize?client_id={client_id}
&response_type=code
&redirect_uri={redirect_uri of your registered app}

2. send a POST request

POST /common/oauth2/token HTTP/1.1
Host: login.windows.net
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 990496e9-1d11-7aa5-faf7-f3dc152e8beb

client_secret={client_secret}&client_id={client_id}&grant_type=authorization_code&resource=https%3A%2F%2Fanalysis.windows.net%2Fpowerbi%2Fapi&redirect_uri={redirect_uri}&code={code from above}

 

Message 2 of 4
4,668 Views
pkmelee337
New Member
In response to Eric_Zhang

‎08-16-2017 05:35 AM

Thank you very much for your reply. I found out my error with the ADAL library thanks to your code. I thought that the code received from the loging request was the same as the access token you're receiving from the get access token request. So my mistake was to always use the loging code token on the first request. Nevertheless the second time it was receiving the access token and that didn't work either. I also simplified the app registration in Azure, so that might have helped too. Will do some tests on that later on.

 

With kind regards,

Henk ter Harmsel

Message 3 of 4
3,542 Views
0
Yaostha
Helper II
Helper II
In response to pkmelee337

‎11-30-2017 08:41 PM

Hi,

   Could you share the sample code?

I am struggling to refer the ADAL.js properly in a webpart and getting accessToken.

 

Regards,

Yasotha

Message 4 of 4
3,230 Views
0

Helpful resources

Announcements
FabCon Global Hackathon Carousel

FabCon Global Hackathon

Join the Fabric FabCon Global Hackathon—running virtually through Nov 3. Open to all skill levels. $10,000 in prizes!

October Power BI Update Carousel

Power BI Monthly Update - October 2025

Check out the October 2025 Power BI update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All