Getting an Embed Token for Power BI Report with Row Level Security for a Specific User

Question

I am attempting to make calls to the Power BI API to get an embed token for a report that uses row level security.

The specific endpoint I am using is:

https://api.powerbi.com/v1.0/myorg/groups/*workspace_id*/reports/*report_id*/GenerateToken

The body of the request looks something like this:

{
    "accessLevel": "View",
    "identities":
    [
        {
            "username": "username",
            "roles":
            [
            ],
            "datasets":
            [
                "dataset_id"
            ]
        }
    ]
}

If I specify anything other than the GUID of the service principal that I use to obtain the initial access token for the username in the request body (above), I get the following message with a 403 response:

Creating embed token for accessing dataset dataset_id requires effective identity username to be identical to the caller's principal name

If I use the GUID of the service principal, I get an embed token with a 200 response.

My understanding is that since the app that is going to embed the Power BI objects performs the authentication, I should be able to pass anything for the username in the request body. However, I am unable to do so at the moment. I suspect this is a setting that needs to be made somewhere but I am not sure where to make such a setting (if this is the case).

Any help would be greatly appreciated

Getting an Embed Token for Power BI Report with Row Level Security for a Specific User

Answers (1)

Related Questions