I successfully set up "Azure AD On-Behalf-Of flow", my web api secured actions call and ms graph api calls work as well. No I added more grants which are related to power bi. I want to read/write workspaces/reports etc from the web api I tried that:
string[] scopes = { "Capacity.Read.All", "Capacity.ReadWrite.All",
"Content.Create", " Dashboard.Read.All", " Dashboard.ReadWrite.All",
"Data.Alter_Any", "Dataset.Read.All", "Dataset.ReadWrite.All", "Group.Read", "Group.Read.All",
"Metadata.View_Any", "Report.Read.All", "Report.ReadWrite.All", "Tenant.Read.All",
"Workspace.Read.All", "Workspace.ReadWrite.All"};
string accessToken = await _tokenAcquisition.GetAccessTokenOnBehalfOfUser(HttpContext, scopes); // error
var tokenCredentials = new TokenCredentials(accessToken, "Bearer");
using (var client = new PowerBIClient(new Uri(_powerBiConfig.ApiUrl), tokenCredentials))
{
...
}
but GetAccessTokenOnBehalfOfUser returns
AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid.
Got it myself.
The code below demonstrates how to retrieve all power bi workspaces
public async Task<string> Groups()
{
string[] scopes = { "https://analysis.windows.net/powerbi/api/Dataset.Read.All"};
try
{
string accessToken = await _tokenAcquisition.GetAccessTokenOnBehalfOfUser(HttpContext, scopes);
var tokenCredentials = new TokenCredentials(accessToken, "Bearer");
using (var client = new PowerBIClient(new Uri(_powerBiConfig.ApiUrl), tokenCredentials))
{
return JsonConvert.SerializeObject(client.Groups.GetGroups().Value, Formatting.Indented);
}
}
catch (Exception exc)
{
return string.Empty;
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.