Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
To enable SSO between Power BI and snowflake, we followed the instructions as per the documentation in https://docs.snowflake.com/en/user-guide/oauth-powerbi.html
Azure AD Issuer is formed properly using the tenant id as per the instructions.
Below is the security integration query used and highlighted the fields that are changed as per our project needs.
Please note that, we have used ‘email_address’ as snowflake user mapping attribute
create security integration powerbi_<project_name>
type = external_oauth
enabled = true
external_oauth_type = azure
external_oauth_issuer = '<AZURE_AD_ISSUER>'
external_oauth_jws_keys_url = 'https://login.windows.net/common/discovery/keys'
external_oauth_audience_list = ('https://analysis.windows.net/powerbi/connector/Snowflake')
external_oauth_token_user_mapping_claim = 'upn'
external_oauth_snowflake_user_mapping_attribute = 'email_address';
Test data:
The upn value in power bi is formatted as <sso>@<domain.com>
We confirmed this by creating a sample report in Power BI using "UserPrincipalName()" function
Hence, we updated the email field for this user in snowflake to match the same.
After following these steps, when we tried to use the OAuth2 Authentication method from Power BI Service, its showing error message as shown below:
"Failed to update data source credentials: ODBC: ERROR [28000] Incorrect username or password was specified"
How do we confirm if the correct value is passed for upn and is there anything else we are missing.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.