The ultimate Microsoft Fabric, Power BI, Azure AI, and SQL learning event: Join us in Stockholm, September 24-27, 2024.
Save €200 with code MSCUST on top of early bird pricing!
Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
I have built an OData service that uses .NET MVC WebAPI and allows anonymous connections.
I would like to add authentication to this service and consume it from PowerBI.
Is there any documentation on how PowerBI interacts with OData services and the various authentication options that it supports?
I see Basic Authentication, which should be simple enough to implement, but there's also WebAPI key, a Data Marketplace key (which I assume is if I publish through the Azure Data Marketplace, which doesn't have a lot of documentation on authentication either), Windows credentials (probably not applicable), and Organization account, which I assume is OAuth/SAML-based, but I'd like to understand which identity providers (IdP) are supported - is it assumed to be only OAuth credentials that PowerBI accepts (ie. Azure Active Directory Services?) or can it be other OAuth providers?
I'm particularly interested in the WebAPI key and the Org Account options, to understand what my options are.
Mike
This reference might be helpful: https://dev.to/mdesenfants/custom-net-6-odata-service-with-oauth-for-power-query-1f3k
It provides some tips on configuring an ASP.NET 6 app for Power BI and Azure AD OAuth2.
For Organization account, that requires an O365 username and password, so basically Azure AD authentication. The WebAPI key and Data Marketplace (correct, Azure Data Marketplace) are both "secret key" authentication. Probably something along the lines of: http://bitoftech.net/2014/12/15/secure-asp-net-web-api-using-api-key-authentication-hmac-authenticat...
This links might have some useful bits of information:
https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-authenticate-a-web-app/
I'm thinking Basic authentication is probably a good way to go.
Thanks smoupre,
Basic authentication over TLS is likely easiest, but I'm not sure it will meet the security requirements of the organization.
That HMAC link you included looks very useful. It talks about creating the message digest and says that the client and server have to calculate the digest the same way.
So I'm wondering how the PowerBI OData client uses the WebAPI key, and is there a standard or any docs on how it does that? The links you provided after that are how custom clients can authenticate to the PowerBI services, but this case is the other way around - PowerBI is the client, my OData endpoint is the service.
Thanks again.
Mike
I am generally not a fan of cross-posting but you might want to post a link to this thread in the Developers forum as you might get some better traction in that forum. Or, perhaps a mod could move this over to the Developer forum? While your question is definitely about integrations with files and services, I think that the question is much more of a developer question than what people generally post to this forum.
Only so much I can help as I do not do a ton of custom development.
OK, I'll cross post. I did think about posting over there first.
I've posted over in Developer forum, but I'm not sure it is seen by anyone.
That link takes me directly to it, but can you see it here?
Mike
Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.
Check out the August 2024 Power BI update to learn about new features.