Versions Compared

Version Old Version 3 New Version 4
Changes made by

Jean-Philippe Golay

Jean-Philippe Golay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • on the service on my workspace (only me will modify)

  • on the service on a shared workspace for collaborate editing

  • on you desktop using th

Use Onboarding Embed Tool

Launch this URL: Onboarding Embed Tool (powerbi.com)

  • choose the second option: Embed Power BI for your organization's internal users—for enterprises

...

image-20241007-144009.pngImage Removed

image-20241007-144242.pngImage Removed

  • Application Name : you can use “WIPApp”

  • Home page url and Redirect URL : use your WIP external URL

image-20241007-162225.pngImage Removed

Embed Power BI content in an embedded analytics application with service principal and an application secret - Power BI | Microsoft Learn

...

  • WIP Desktop App

Create Application Registration

...

...

  • Name : your application name (service principal name also)

  • Redirect Url : where to redirect after azure authentication = WIP external URL

Press Register.

Api Permissions

Once created go to API Permissions and use “+Add a permission“ to add permissions

...

  • Microsoft Graph (import users)

    • User.Read

  • Power BI Service

    • Application permissions (Admin consent required)

      • Tenant.ReadWrite.All

    • Delegated Permissions

      • Connection.ReadWrite.All

      • Dataset.ReadWrite.All

      • Gateway.ReadWrite.All

      • Item.ReadWrite.All

      • PaginatedReport.ReadWrite.All

      • Report.ReadWrite.All

      • SemanticModel.ReadWrite.All

      • Workspace.ReadWrite.All

After adding the permissions you our a active directory admin should press the button “Grant Admin Consent for …“ in order to validate the Status to Granted for your company

The app permissions should look like this after:

...

Screen Recording 2025-01-08 at 10.18.48.mov

Assign Service Principal to Workspaces

...

manually

You need to assign the service principal (registered application) you just created to all workspaces you want to control with WIP (my workspaces is not necessary as they will be accessed using the login user)

You can do it manually for each workspace or you can do it in the admin portal

...

Assign Service Principal to Workspaces in Admin Portal

...

Add service principal to fabric administrative group

...

You need to add your service principal to a group (that you might create) having having assigned roles = “Fabric Administrator”

Connect WIP to Power BI

In WIP create a new Power BI Server

Known Errors

The caller is not authenticated to access this resource Status: 401 (Unauthorized) 

...

Authenticate issue, invalid_request,AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests.

...