Store client credentials securely

Kaveesha_Silva · ‎03-20-2023

I am retrieving an access token by calling an API and then use this access token to obtain employee data. I'm using a blank query with the following code.

    body="grant_type=client_credentials&client_id="&<client_id>&"client_secret="&<client_secret>,
    Source  = Json.Document(Web.Contents(baseUrl,
        [ 
          RelativePath = "oauth/issueToken",
          Headers = [#"Content-Type"="application/x-www-form-urlencoded"],
          Content=Text.ToBinary(body)  
        ]
    )),

    token = Source[access_token],

    data= Json.Document(Web.Contents(baseUrl,
      [ 
        RelativePath = "api/employees",
        Headers = [#"Authorization"="Bearer "&token]
      ]
    )),

I'm getting access token calling our own API (not using AAD). What is the best way to store these client credentials (client_id and client_secret) instead of hardcoding in the code?

ams1 · ‎03-21-2023

Besides the great option @lbendlin mentioned, with an additional API endpoint you could also use the builtin credentials manager https://community.powerbi.com/t5/Power-Query/How-to-securely-store-and-use-token-and-secret-for-API-...

lbendlin · ‎03-21-2023

store them in a text file in a sharepoint document library that only you have access to. Then retrieve that file as part of the Power Query transforms etc.

Store client credentials securely

Helpful resources

Power BI Monthly Update - April 2024