Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
udione
Helper I
Helper I

Update DataSource parameter with API

I'm trying to update DataSource Parameters with this code:

 

string scope = "https://analysis.windows.net/powerbi/api/.default";

IConfidentialClientApplication app = ConfidentialClientApplicationBuilder.Create(clientId)
                .WithClientSecret(clientSecret)
                .WithAuthority(new Uri(authority))
                .Build();

string[] scopes = new string[] { scope };

AuthenticationResult result = null;
result = await app.AcquireTokenForClient(scopes).ExecuteAsync();

PowerBIClient pbiClient = new PowerBIClient(new Uri("https://api.powerbi.com/"), new TokenCredentials(result.AccessToken, "Bearer"));

var refds = await pbiClient.Datasets.UpdateParametersInGroupWithHttpMessagesAsync(_groupId, _datasetId, new UpdateMashupParametersRequest(new UpdateMashupParameterDetails("orgId", "98")));

 

 

I get: Operation returned an invalid status code 'Forbidden'

 

I've turned on every possible setting in Tenant Settings in Power BI and Api privileges for App Registration in Azure.

I'm new, trying things out as Pro Licence without any reserverd capacity in Azure Power Bi Embedded - is that necessary? 

12 REPLIES 12
udione
Helper I
Helper I

I'm using app-only access, so no delegated permissions.

Does this imply that I can only methods like 

UpdateParametersInGroupWithHttpMessagesAsync

only if I get user access token and cannot just use token quired using only applicattion secret?

no scope = no worky

I've changed that now my user (which is admin in PowerBI) is used for fetching access token.

I can execute methods like pbiClient.Datasets.GetDatasetsInGroup

But when executing pbiClient.Datasets.UpdateParametersInGroupWithHttpMessagesAsync

I still get Forbidden result. 

Decrypted token in jwt.io still does not have scp.

lbendlin
Super User
Super User

take your token to jwt.io and examine the "scp"  (scope)  section.  Most likely the token is hollow.

There is no scp section at all in the token. How can I fixed that? 

go back to your app registration and ask for better permissions.

I've already turned on in azure everything that is related to Power Bi for the app. Can you advise which specific permissions it needs ?

Did you delegate?

Sorry, but what exactly do you mean by delegate?

Have you asked for straight permissions or delegated permissions?

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.