Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
Braxx99
Frequent Visitor

Windows vs oAuth2 authentication to Sql Server

Read this docs:

 

Manage a SQL Server data source - Power BI | Microsoft Learn

 

But still do not understand the difference between Win and oAuth2 authentication's methods to on-prem SQL Server. 

Seems like both required to provide AD credentials

I am trying to setup connection to Sql Server db within on-premise gateway but have doubts which authentication method to choose.

 

1. When should I use Win and when oAuth2? 

2. Is that a good practice to use Azure AD account like db_reader@mycompany.com in Win or oAuth2 in such connection?

3 REPLIES 3
aj1973
Community Champion
Community Champion

Hi @Braxx99 

Here is the difference:

Basic Windows connection and OAuth 2.0 connection are two different methods of authenticating with a data source. Basic Windows connection uses the user's credentials (username and password) to access the data, while OAuth 2.0 connection uses a token-based system that grants limited access to the data for a specified period of time.

 

Some of the key differences between basic Windows connection and OAuth 2.0 connection are:

 

- Basic Windows connection is simpler and easier to implement, but it has lower security and scalability. OAuth 2.0 connection is more complex and requires more steps, but it has higher security and scalability.

- Basic Windows connection sends the user's credentials in plain text over the network, which can be intercepted or stolen by attackers. OAuth 2.0 connection encrypts the user's credentials using SSL/TLS and sends them only once in a secure way.

- Basic Windows connection gives full access to all resources associated with the user's account, which can be problematic if the user shares their credentials with others or if they forget their password. OAuth 2.0 connection gives limited access to specific resources based on the scope of the token, which can be revoked or refreshed at any time.

- Basic Windows connection does not support multi-factor authentication (MFA), which adds an extra layer of protection for the user's account. OAuth 2.0 connection supports MFA by requiring additional verification steps from the user.

 

Microsoft is moving away from basic Windows connection in some of its services, such as Exchange Online, and recommends using OAuth 2.0 instead¹. Microsoft provides various tools and guides to help developers migrate from basic Windows connection to OAuth 2.0¹³.

Regards
Amine Jerbi

If I answered your question, please mark this thread as accepted
and you can follow me on
My Website, LinkedIn and Facebook

@aj1973 well explained comparison, thanks.

 

Considering the scenario of using these methods in a Gateway connection I still have some doubts which one to choose. It is mentioned... (https://learn.microsoft.com/en-us/power-bi/connect-data/service-gateway-enterprise-manage-sql

Screenshot 2023-12-12 153043.png

Does it mean that oAuth2 i not recommended for this case? How long is the token valid? What i am afraid of is the token could expire before (in case of import), data refresh process is finished. As a result the refresh could be interupted.

What about second question:
2. Is that a good practice to use Azure AD account like db_reader@mycompany.com in Win or oAuth2 in such connection?

aj1973
Community Champion
Community Champion

The connection way doesn't depend on what do you prefer, it depends on the organization policy applied for this type of connection.

If you don't want to ask your organization then it doesn't hurt to try.

Regards
Amine Jerbi

If I answered your question, please mark this thread as accepted
and you can follow me on
My Website, LinkedIn and Facebook

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors