Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
Report.ReadWrite.All or Report.Read.All
Dataset.ReadWrite.All or Dataset.Read.All
Below is my part of Powershell Script which call REST API to Export pdf file from Power BI Service report:
$authUrl = 'https://login.microsoftonline.com/tentid/oauth2/token';
$clientId="xxxxxxxxxxxxx"
$clientSecret = "xxxxxxxxxxxx"
$body = @{
'grant_type' = 'client_credentials';
'resource' = 'https://analysis.windows.net/powerbi/api';
'client_id' = $clientId;
'client_secret' = $clientSecret;
};
$authResponse = Invoke-RestMethod -Uri $authUrl –Method POST -Body $body
$authheaders = @{
"Content-Type" = "application/json";
"Authorization" = $authResponse.token_type + " " + $authResponse.access_token
}
$groupid = "xxxxxxxxxxx"
$Reportid = "xxxxxxxxxxxxxxx"
$Body = "{`”format`”:`”pdf`”}"
$url1 = "https://api.powerbi.com/v1.0/myorg/groups/$groupid/reports/$Reportid/ExportTo"
$FileExport = Invoke-RestMethod -Method Post -uri $url1 -Headers $$authheaders -body $Body
I get below error :
Invoke-RestMethod : The remote server returned an error: (403) Forbidden.
At C:\Users\eshahi\Desktop\101022.ps1:37 char:15
+ ... ileExport = Invoke-RestMethod -Method Post -uri $url1 -Headers $authh ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest)
[Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.I
nvokeRestMethodCommand
Solved! Go to Solution.
Found the solution :
1. add the SA account under Azure Directory security group
2. Go the PBI service , admin protal and under the developer setting add the specific group then it would only work.
What happens if you give it full access to Tenant.ReadWrite and see if that works?
Hi,
Can anyone can help me on this, why I am missing the scope , delegated permission from the access token ?
The access_Token Scope "sc" is missing all the delegated permission I have assiged i.e. scope doesn't even exisit.
I have copied the access_token into JWT.io to find this out about the mssing sc.
I was expecting to see something like below as an example :
I've assigned the service principal account with member role in the PBI service workspace.
Hi @EricShahi
Have you also assigned the service principal to the app workspace with member or admin permissions?
Found the solution :
1. add the SA account under Azure Directory security group
2. Go the PBI service , admin protal and under the developer setting add the specific group then it would only work.
Check out the September 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.