OAuth 2.0 for Microsoft Power BI
Configure Alteryx Analytics Cloud (AAC) to integrate with Microsoft Power BI using OAuth 2.0 to authenticate.
Create OAuth 2.0 Client App in Azure
Create the client app iIn the Azure console.
Log in to Azure: https://portal.azure.com/#home.
Select Azure Active Directory > App Registrations > New registration.
Specify the following fields:
The Name of the app.
Supported Account Types. Select Single tenant or Multi tenant.
Redirect URI. Specify the URL in the following format, depending your project or workspace login:
https://<Login_URL>/oauth2/callback
For example
https://us1.alteryxcloud.com/oauth2/callback
To create the new registration, select Register.
On the Overview tab, copy the value for the Application (client) ID. This value wll be applied in AAC.
On the Branding tab, optionally you can specify the following fields:
Name of the app. It should match the value you specified previously.
Preferred Logo for the app.
Set Homepage URL to
https://trifacta.com
.Set Terms of Service URL to
https://www.trifacta.com/terms-conditions/
.Set Privacy Policy to
https://www.trifacta.com/privacy-policy/
.Set Publisher Domain to
trifacta.com
.If you are a Microsoft Partner, you can specify your MPN ID.
To create a new client secret, go to the Certificates & Secrets tab, select New client secret, set the Expires option to Never, and select Add.
Copy the Value field. This value is the client secret and will be applied in AAC.
On the API Permissions tab, add permission for both OpenID as well as Power BI service.
For OpenID, select Add a Permission - Microsoft Graph - Delegated Permissions.
email
openid
offline_access
profile
And select Add Permissions.
For Power BI Service, select Add a Permission - Power BI Service - Delegated Permissions.
Under Dataset, select Dataset.ReadWrite.All
Under Workspace, select Workspace.Read.All and Workspace.ReadWrite.All.
Select Add permissions and save your changes.
You can use any existing Power BI Clients already set up in Azure, provided the listed permissions are already present in the client.
Create OAuth 2.0 Client for Power BI
After the Power BI client app, create an OAuth 2.0 client in AAC, used to integrate with the OAuth 2.0 Client app.
Login to AAC as a workspace administrator.
In the righthand menu, select User menu > Admin console > OAuth 2.0 Clients.
In the OAuth 2.0 Clients page, select Register OAuth 2.0.0 Client.
Choose PowerBI from the dropdown.
Enter these fields:
Field
Action
Name
Add the appropriate name for the client.
Client ID
Paste the value of the Application (client) ID generated in Azure.
Client Secret
Paste the value of the client secret in Azure.
Authorization URL
Paste this URL:
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize
Token URL
Paste this URL:
https://login.microsoftonline.com/organizations/oauth2/v2.0/token
Scopes
Enter this scope definitions:
openid offline_access profile email https://analysis.windows.net/powerbi/api/Dataset.ReadWrite.All https://analysis.windows.net/powerbi/api/Workspace.Read.All
Individual scopes should be separated by a space.
Access Token Expires In
Enter 3600000 ms.
Refresh Token Expires In
Enter 777600000 ms.
Select Save.