I would like to use Python to rename dataflows in our Power BI tenancy using the Power BI API endpoint update dataflow , but I am receiving an authorisation error.
Following the Microsoft guidance I have:
Dataflow.ReadWrite.All
permissionsWhen I run the code below I receive <Response [401]>
, however similar code I have written for other end points such as get dataflow or refresh dataflow work fine. If I remove all the Power BI API permissions from the Azure app it is still able to run the get and refresh calls. It is like the code is using the user permissions for the workspace and not picking up the app permissions.
Any help is greatly appreciated.
Thanks
Python
import adal
import requests
TENANT_ID = "abc-123"
CLIENT_ID = "def-456"
CLIENT_SECRET = "ghi-789"
WORKSPACE_ID = "jkl-987"
DATAFLOW_ID = "mno-654"
authority_url = "https://login.microsoftonline.com/"+TENANT_ID
context = adal.AuthenticationContext(authority_url)
token = context.acquire_token_with_client_credentials(
resource="https://analysis.windows.net/powerbi/api",
client_id=CLIENT_ID,
client_secret=CLIENT_SECRET,
)
access_token = token.get("accessToken")
token_type = token.get("tokenType")
tokenString = "{} {}".format(token_type, access_token)
header = {"Authorization": tokenString}
newName = "This is a new name"
body = {"name": newName}
refresh_url = "https://api.powerbi.com/v1.0/myorg/groups/{}/dataflows/{}".format(WORKSPACE_ID, DATAFLOW_ID) #get all meta for specific dataflow
r = requests.patch(url=refresh_url, headers=header, json = body)
print(r)
According to the description you provided in comments, it seems you have enabled MFA. So when you use username/password flow, it will be blocked.
So you can just use auth code flow to get access token. You need to use the method acquire_token_with_authorization_code(authorization_code, redirect_uri, resource, client_id, client_secret=None, code_verifier=None) . I think you know all of the parameters in method except authorization_code
. You can refer to this document to know how to get it.
Request the url with the parameters follow the url, it will redirect to the redirect uri which you specified in the request and follow a parameter named code=...
. The value of code
is authorization_code
.
Here I provide my request sampel(use auth code flow) for your reference:
I request the url: https://login.microsoftonline.com/xxxxx/oauth2/v2.0/authorize?client_id=xxxxx&response_type=code&redirect_uri=https://hurytest&response_mode=query&scope=https://graph.microsoft.com/.default&state=12345&nonce=67890
It will ask me to login. After login, it will redirect to the uri https://hurytest/
with code
following.
The code
is authorization code
. You can use the code to do next step.
By the way, please pay attention to the scope
and resource
of the request. I use v2.0 endpoint in my sample, so I use scope
instead of resource
, but I noticed you use resource
in your code(v1.0 endpoint use resource
).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.