Re: PowerBI embedded dashboard with php & html fau...

mad_penguin · ‎08-09-2021

Hi,

For a project we are doing we built a website using php, html, css, js. One of our partners asked if we could embed a powerBI dashboard into one of the pages. What I thought would be a half-day job has turned out as a two week nightmare so far... I was hoping that someone is able to help me here.

PowerBI has made publishing to web fairly easy with the publish to web function. However, the owner of the powerBI environment wouldnt turn on this function and said I would get some keys to retrieve the dashboard. So a day later I received the following keys in my mailbox: clientId, clientSecret, tenantId, group, report. A misleading "have fun" finished the mail..

With no experience with PowerBI I soon found out that you can get an access token by calling a certain API, with that access token you can get an embed link which together can be passed to some powerBI.js library which embeds it on the website.

However when the embed link and access token are passed to the JS library it will give a 403 on a call to modelsAndExploration and not display the dashboard. There is some powerBI website where you can check if a token and embedlink are valid, on that website it gives the same 403 error so there seems to be something wrong with the token or link. However both responses from the API seem valid when I compare them to examples online.

I've seen there are just a few other posts about the same error but the proposed fixes did not work for me.

ps. I have no access to powerBI UI itself but I know its running on some Azure environement.

Here is my code:

<?php
/* Get token using a POST request */

$clientId = '';
$clientSecret = '';
$tenantId = '';
$urlAccessToken = "https://login.windows.net/$tenantId/oauth2/token";
$resource = 'https://analysis.windows.net/powerbi/api';
$group = '';
$report ='';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://login.microsoftonline.com/$tenantId/oauth2/token");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'resource' => $resource,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'grant_type' => 'client_credentials'
));

$data = curl_exec($ch);
curl_close($ch);

$data_obj = json_decode($data);
$access_token = $data_obj->{"access_token"};
$embeddedToken = "Bearer "  . ' ' .  $access_token;
$curlGetUrl = curl_init();
curl_setopt_array($curlGetUrl, array(
    CURLOPT_URL => "https://api.powerbi.com/v1.0/myorg/groups/$group/reports/",
    CURLOPT_RETURNTRANSFER => true,   
    CURLOPT_ENCODING => "",   
    CURLOPT_MAXREDIRS => 10,    
    CURLOPT_TIMEOUT => 30,   
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,   
    CURLOPT_CUSTOMREQUEST => "GET",   
    CURLOPT_HTTPHEADER => array(   
    "Authorization:".$embeddedToken,
    "Cache-Control: no-cache",   
    ),   
    ));   
    $embedResponse = curl_exec($curlGetUrl);  
    $embedError = curl_error($curlGetUrl);
    curl_close($curlGetUrl);  
    if ($embedError) {   
    echo "cURL Error #:" . $embedError; 
    } else {  
    $embedResponse = json_decode($embedResponse, true);   
    $embedUrl = $embedResponse['value'][0]['embedUrl']; 
    }    
?>

mad_penguin · ‎08-10-2021

Yes, I believe that is why you specify report id in the powerBI.js config?

var models = window['powerbi-client'].models;
					var embedConfiguration= {
						type: 'report',
						tokenType: models.TokenType.Aad,
						id: '', // the report ID
						embedUrl: '<?php echo $embedUrl ?>',
						accessToken: '<?php echo $access_token; ?>'
					};
					var $reportContainer = $('#reportContainer');
					var report = powerbi.embed($reportContainer.get(0), embedConfiguration);

I also tried with

https://embedded.powerbi.com/appTokenReportEmbed?reportId=xxxx

As embed url

Anonymous · ‎08-12-2021

Hi @mad_penguin

403 error should be forbidden error. Please check whether your Access token is correct.

From your code I know you get access token by Service Principle(grant_type = client_credentials / others authenication methods' grant_type are Password).

'grant_type' => 'client_credentials'

Please check whether your App for Service Principle is configured correctly.

For reference: Register an Azure AD application to use with Power BI

And check whether your app has access to your report or your Power BI has give security group the API permission.

Embed Power BI content with service principal and an application secret

Best Regards,
Rico Zhou

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

mad_penguin · ‎08-18-2021

Sorry, I dont know why this is accepted as a solution. I tried forewarding your idea to the people managing the powerBI application but they said everything is okay and their powerBI config is correct.

lbendlin · ‎08-09-2021

Your code tries to pull a list of all reports, without specifying a workspace. Didn't you say you wanted an embed URL instead?

PowerBI embedded dashboard with php & html faulty embed link

Helpful resources

Join our Fabric User Panel

Power BI Monthly Update - June 2025

Fabric Community Update - June 2025

Join the #PBI10 DataViz contest

PowerBI embedded dashboard with php & html faulty embed link

Helpful resources

Join our Fabric User Panel

Power BI Monthly Update - June 2025

Fabric Community Update - June 2025