Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Microsoft is giving away 50,000 FREE Microsoft Certification exam vouchers. Get Fabric certified for FREE! Learn more

Reply
Tashan
Frequent Visitor

403 error - Rest APIs - Registered App

‎11-17-2023 04:57 AM

Hello Community,

 

I need guidance with the following as I've tried multiple avenues and I keep hitting a brick wall.

 

IT helpdesk within my organiastion have created an Azure AD App with the purposes of me using rest APIs. I have added the necessary permissions to the App for the end points I've tried to access. Added the service principal account to the workspace I'm testing the app through.

 

I am using postman to test the rest APIs, I'm able to generate an auth token but I am getting 403 error when trying to access the REST APis.

 

Please help!

Labels:
Message 1 of 4
658 Views
0
3 REPLIES 3
lbendlin
Super User
Super User

‎11-19-2023 01:45 PM

use jwt.io to check the scope of your token.  Most likely the required permissions are not in the token.

Message 2 of 4
629 Views
0
Tashan
Frequent Visitor
In response to lbendlin

‎11-20-2023 02:08 AM

Thank you for your response.

 

I've used 0jwt.io as advised. After checking documentation on https://learn.microsoft.com/en-us/entra/identity-platform/access-token-claims-reference. it appears there was no line for 'scp' which I understand to be the scope you're referring to.

 

I've double checked with helpdesk on which permissions the app currently has:

User.Read
Dashboard.Read.All
Dataset.Read.All
Report.Read.All
Report.ReadWrite.All
Tenant.Read.All
Workspace.Read.All

The rest api I'm trying to access is https://api.powerbi.com/v1.0/myorg/groups/[MyworkspacEnteredHere]

and needs Report.ReadWrite.All or Report.Read.All

Is this enough information to advise where the fault lies?

Message 3 of 4
622 Views
0
lbendlin
Super User
Super User
In response to Tashan

‎11-20-2023 09:14 AM

The app registration seems to have been done incorrectly. You need to see the requested permissions in the "scp" section. Ask them to try again.

Message 4 of 4
614 Views
0

Helpful resources

Announcements
Notebook Gallery Carousel1

NEW! Community Notebooks Gallery

Explore and share Fabric Notebooks to boost Power BI insights in the new community notebooks gallery.

View All
Top Solution Authors
View All