Recently I have been trying to make Power BI APIs work with service principal authentication. All steps mentioned in this article are done:
I am able to generate an access token using the POST method for https://login.microsoftonline.com/common/oauth2/token (screenshot below).
The issue is that whenever this token is used for any further calls (I have tried both non-admin and admin APIs - when it comes to admin ones, I only tested the supported APIS - can be seen in this article , I am shown the 401 unauthorized error
.
So, my question is:
did I overlook a security setting in Azure perhaps? Our company uses MFA, but service principals can not use that from what I have found on the internet/in the documentation. Or is the generated token invalid somehow?
From your description, I think you should have a user login, because you are using MFA. Therefore, you should not use the client credential flow because it is often used in daemons without user interaction.
Therefore, you should use the auth code flow . When using this flow, you must first log in to the user in the browser and request the authorization code, and then use the authorization code to redeem the access token.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.