Refresh Power BI Data Flow using API through Azure Data Factory

Question

I am trying to refresh a PBI Data Flow using an ADF web activity by authenticating using the data factory's Managed Identity.

Here is my input to the activity:

{
    "url": "https://api.powerbi.com/v1.0/myorg/groups/1dec5b21-ba60-409b-80cb-de61272ee504/dataflows/0e256da2-8823-498c-b779-3e7a7568137f/refreshes",
    "connectVia": {
        "referenceName": "My-AzureVM-IR",
        "type": "IntegrationRuntimeReference"
    },
    "method": "POST",
    "headers": {
        "Content-Type": "application/json",
        "User-Agent": "AzureDataFactoryV2",
        "Host": "api.powerbi.com",
        "Accept": "*/*",
        "Connection": "keep-alive"
    },
    "body": "{\"notifyOption\":\"MailOnFailure\"}",
    "disableCertValidation": true,
    "authentication": {
        "type": "MSI",
        "resource": "https://analysis.windows.net/powerbi/api"
    }
}

It generates the following error when doing a debug run:

Failure type: User configuration issue
Details: {"error":{"code":"InvalidRequest","message":"Unexpected dataflow error: "}}

I have tried this exact URL in Postman using Bearer Token Authentication and it works. Our AAD Admin group said they added our ADF's Managed Identity to the permission list for the PBI API, so I am not sure what is going on here.

Answer 1

Just an FYI, I was able to get the ADF Managed Identity working with data flow refreshes using the HTTP request in my original post.

The key was after having the Tenant Admins add the Managed Identity to a security group with API access, I then also had to add the Managed Identity to the PBI Workspace access list as a Member.

Then my API call worked from ADF using the MSI. No Bearer login token needed.