Skip to main content

OAuth 2.0 for Microsoft Power BI

Configure Alteryx Analytics Cloud (AAC) to integrate with Microsoft Power BI using OAuth 2.0 to authenticate.

Create OAuth 2.0 Client App in Azure

Create the client app iIn the Azure console.

  1. Log in to Azure: https://portal.azure.com/#home.

  2. Select Azure Active Directory > App Registrations > New registration.

  3. Specify the following fields:

    • The Name of the app.

    • Supported Account Types. Select Single tenant or Multi tenant.

    • Redirect URI. Specify the URL in the following format, depending your project or workspace login: https://<Login_URL>/oauth2/callback

      For example

      https://us1.alteryxcloud.com/oauth2/callback

  4. To create the new registration, select Register.

  5. On the Overview tab, copy the value for the Application (client) ID. This value wll be applied in AAC.

    PowerBI-OAuth.png
  6. On the Branding tab, optionally you can specify the following fields:

    • Name of the app. It should match the value you specified previously.

    • Preferred Logo for the app.

    • Set Homepage URL to https://trifacta.com.

    • Set Terms of Service URL to https://www.trifacta.com/terms-conditions/.

    • Set Privacy Policy to https://www.trifacta.com/privacy-policy/.

    • Set Publisher Domain to trifacta.com.

    • If you are a Microsoft Partner, you can specify your MPN ID.

  7. To create a new client secret, go to the Certificates & Secrets tab, select New client secret, set the Expires option to Never, and select Add.

    Copy the Value field. This value is the client secret and will be applied in AAC.

  8. On the API Permissions tab, add permission for both OpenID as well as Power BI service.

    1. For OpenID, select Add a Permission - Microsoft Graph - Delegated Permissions.

      • email

      • openid

      • offline_access

      • profile

      And select Add Permissions.

    2. For Power BI Service, select Add a Permission - Power BI Service - Delegated Permissions.

      1. Under Dataset, select Dataset.ReadWrite.All

      2. Under Workspace, select Workspace.Read.All and Workspace.ReadWrite.All.

      Select Add permissions and save your changes.

You can use any existing Power BI Clients already set up in Azure, provided the listed permissions are already present in the client.

Create OAuth 2.0 Client for Power BI

After the Power BI client app, create an OAuth 2.0 client in AAC, used to integrate with the OAuth 2.0 Client app.

Login to AAC as a workspace administrator.

  1. In the righthand menu, select User menu > Admin console > OAuth 2.0 Clients.

  2. In the OAuth 2.0 Clients page, select Register OAuth 2.0.0 Client.

  3. Choose PowerBI from the dropdown.

  4. Enter these fields:

    Field

    Action

    Name

    Add the appropriate name for the client.

    Client ID

    Paste the value of the Application (client) ID generated in Azure.

    Client Secret

    Paste the value of the client secret in Azure.

    Authorization URL

    Paste this URL:

    https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize

    Token URL

    Paste this URL:

    https://login.microsoftonline.com/organizations/oauth2/v2.0/token

    Scopes

    Enter this scope definitions:

    openid
    offline_access
    profile
    email
    https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All
    https://analysis.windows.net/powerbi/api/Workspace.Read.All

    Individual scopes should be separated by a space.

    Access Token Expires In

    Enter 3600000 ms.

    Refresh Token Expires In

    Enter 777600000 ms.

  5. Select Save.