Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
EricShahi
Helper IV
Helper IV

Invoke-RestMethod - The remote server returned an error: (403) Forbidden

  1. Created Service Principal account using the Azure App Register
  2. Added API Permission, PBI Service and delegated Permission example as follows:

Report.ReadWrite.All or Report.Read.All

Dataset.ReadWrite.All or Dataset.Read.All

 

EricShahi_0-1665421403036.png

 

 

Below is my part of Powershell Script which call REST API to Export pdf file from Power BI Service report:

 

 

$authUrl = 'https://login.microsoftonline.com/tentid/oauth2/token';

$clientId="xxxxxxxxxxxxx"

$clientSecret = "xxxxxxxxxxxx"

 

$body = @{

    'grant_type' = 'client_credentials';

   'resource' = 'https://analysis.windows.net/powerbi/api';

    'client_id' = $clientId;

    'client_secret' = $clientSecret;

};

 

$authResponse = Invoke-RestMethod -Uri $authUrl –Method POST -Body $body

$authheaders = @{

    "Content-Type" = "application/json";

    "Authorization" = $authResponse.token_type + " " + $authResponse.access_token

    }

 

$groupid = "xxxxxxxxxxx"

$Reportid = "xxxxxxxxxxxxxxx"

$Body = "{`”format`”:`”pdf`”}"

$url1 = "https://api.powerbi.com/v1.0/myorg/groups/$groupid/reports/$Reportid/ExportTo"

$FileExport = Invoke-RestMethod -Method Post -uri $url1 -Headers $$authheaders -body $Body 

 

I get below error :


Invoke-RestMethod : The remote server returned an error: (403) Forbidden.
At C:\Users\eshahi\Desktop\101022.ps1:37 char:15
+ ... ileExport = Invoke-RestMethod -Method Post -uri $url1 -Headers $authh ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest)
[Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.I
nvokeRestMethodCommand

 

1 ACCEPTED SOLUTION

Found the solution :
1. add the SA account under Azure Directory security group

2. Go the PBI service , admin protal and under the developer setting add the specific group then it would only work.

EricShahi_0-1665659293630.png

 

View solution in original post

6 REPLIES 6
GilbertQ
Super User
Super User

What happens if you give it full access to Tenant.ReadWrite and see if that works?





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

EricShahi
Helper IV
Helper IV

Hi,

 

Can anyone can help me on this, why I am missing the scope , delegated permission from the access token ? 


EricShahi
Helper IV
Helper IV

@GilbertQ 

 

The access_Token Scope "sc" is missing all the delegated permission I have assiged i.e. scope doesn't even exisit. 

 

I have copied the access_token into JWT.io to find this out about the mssing sc.

 

I was expecting to see something like below as an example : 

 

EricShahi_0-1665470819130.png

 

EricShahi
Helper IV
Helper IV

@GilbertQ 

 

I've assigned the service principal account with member role in the PBI service workspace.

 

 

 

GilbertQ
Super User
Super User

Hi @EricShahi 

 

Have you also assigned the service principal to the app workspace with member or admin permissions?





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Found the solution :
1. add the SA account under Azure Directory security group

2. Go the PBI service , admin protal and under the developer setting add the specific group then it would only work.

EricShahi_0-1665659293630.png

 

Helpful resources

Announcements
Sept PBI Carousel

Power BI Monthly Update - September 2024

Check out the September 2024 Power BI update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

Sept NL Carousel

Fabric Community Update - September 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors