Solved: Get token from Post API call

kristianjay · ‎10-03-2022

Hi guys,

I've tried searching the forum without luck, and I therefore hope that some of you can help me.

I'm trying to pull a token via a Post API call. I can successfully pull the date from the API, but since the token expires I want to do it dynamically. Unfortunately, I'm not even at the dynamic part yet, since my pull request for the token failed.

Once I run the query I get:

Then I'll try to log in using anonymous and get the following message, thus, it seems that my query has some authentication issues.

My query is below:

let

url = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxx/oauth2/v2.0/token",

headers = [#"Content-Type" = "application/json"],

postData = Json.FromValue([grant_type="client_credentials",

client_secret = "xxxxxxxxxxxxxxxx",
client_id = "xxxxxxxxxxxxxxxx",
scope = "xxxxxxxxxxxxxxxx"]),

response = Web.Contents(

url,

[

Headers = headers,

Content = postData

]

),

access_token=Json.Document(response)

in

access_token

kristianjay · ‎10-03-2022

I've found a solution. See below.

let

url = "https://login.windows.net/xxx/oauth2/v2.0/token",

headers = [#"Content-Type" = "application/x-www-form-urlencoded"],

postData = "grant_type=client_credentials&scope=xxx&client_id=xxx&client_secret=xxx",

response = Web.Contents(

url,

[Headers = headers,

Content = Text.ToBinary(postData)

]

),

JsonResponse=Json.Document(response),

access_token = JsonResponse[access_token]

in

access_token

View solution in original post

kristianjay · ‎10-03-2022

I've found a solution. See below.

let

url = "https://login.windows.net/xxx/oauth2/v2.0/token",

headers = [#"Content-Type" = "application/x-www-form-urlencoded"],

postData = "grant_type=client_credentials&scope=xxx&client_id=xxx&client_secret=xxx",

response = Web.Contents(

url,

[Headers = headers,

Content = Text.ToBinary(postData)

]

),

JsonResponse=Json.Document(response),

access_token = JsonResponse[access_token]

in

access_token

Anonymous · ‎10-16-2022

Based on the above, I tried something very similar - e.g.:

    apiUrl = 'https://login.windows.net/<tenant_id>/oauth2/v2.0/token',
    body = [
          client_id='<client_id>',
          grant_type='client_credentials',
          client_secret='<client_secret>',
          scope='api://462...4e7/.default'
    ],
    Source = Json.Document(Web.Contents(apiUrl, [Headers = [Accept = 'application/json'], Content = Text.ToBinary(Uri.BuildQueryString(body))])),
    bearerToken = Source[access_token],

but it doesn't work in PBI. PBI doesn't give any helpful debug output, so if I run the equivalent from curl, it shows:

{'error':'invalid_resource','error_description':'AADSTS500011: The resource principal named api://462...4e7 was not found in the tenant named <tenant_name>. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

Did you do some additional step, e.g. add an "authorized client application" to your app registration (and if so, which one - a PBI app)? add some "app permission" to your app registration (and if so, which one(s))?