Embeded Power BI report with service principal using on premise SSAS as dataset

0 votes

i've got an on premise SSAS instance which is configured in powerbi using gateway, configuration is proper as report using dataset from SSAS works from app.powebi and even from embedded report if token is requested using username/password flow.

From security reasons our client demand was to introduce service principal, it is turned on, set as admin on workspace, i've added 'ReadOverrideEffectiveIdentity' to service principle using powerbi dataset api.

Currently when i request embedd token using clientSecret (service principal) it requires EffectiveIdentity to be passed (which was not passed before in this path).

I've tested two different approaches:

-passed EffectiveIdentity with identifier = ServicePrincipalObjectId

-passed currently logged userId (this is normally passed for other datasets pointing directly to database):

  • report is embedded but when it's loadingvisuals i get 401 and i can see that 'https://wabi-north-europe- redirect.analysis.windows.net/explore/querydata' returned
    "{"error":{"code":"RLSNotAuthorizedForImpersonation","pbi.error":{"code":"RLSNotAuthorizedForImpersonation","parameters":{},"details":[],"exceptionCulprit":1}}}"

i've tried with different users, added manually to SSAS security pane with proper roles, Gateway is in newest possible version. In Gateway logs there is info about request, some processing but in scenario when it doesn't work there is no report sql execution.

Do you have any ideas what should i check next and what is wrong?

Feb 23, 2022 in Power BI by surbhi
 • 3,820 points 1,206 views

1 answer to this question.

0 votes

On the data gateway that is being used to connect to the onpremise SSAS dataset, you must add the service principal as an administrator. It's possible that you'll need to add the Service Principal to an Azure AD group and make this group a gateway administrator.

PowerBI.COM
Toggle the gear in the upper right corner.
Select Manage Gateways from the drop-down menu.
On the left, click the gateway that connects to your on-premise SSAS database.
Go to the Gateway.
Switch from the Gateway Cluster Settings tab to the Administrators tab by clicking.
Assign the service principal to the role of administrator.
Are you also certain you're creating the embedded-token with the correct identity? An effective identification will be required for SSAS data sources.

"identities": [
    {
      "username": "user@my-app.com",
      "roles": [
        "report-rls-role-name"
      ],
      "datasets": [
        "my-dataset-id-xxxxx-xxxxx-xxxxx"
      ]
    }
]

Empower Your Data Insights with Power BI Certification.

answered Feb 23, 2022 by CoolCoder
 • 4,420 points

Related Questions In Power BI

+2 votes
2 answers

Power BI service throwing 403 error when using token to embed Power BI report

To add to @Kalgi's answer, Also make ...READ MORE

answered Oct 3, 2018 in Power BI by Nilesh
 • 7,060 points 6,165 views
0 votes
2 answers

Can I get rid of the grey border on the report visuals with power bi embedded?

It's just a simple css code to ...READ MORE

answered Apr 19, 2020 in Power BI by Prateek Mehta
 5,436 views
0 votes
1 answer

Error refreshing dataset with direct query using on-premise gateway connection

What is your data source type? Could ...READ MORE

answered Nov 19, 2020 in Power BI by anonymous
 • 65,770 points 1,265 views
0 votes
1 answer

How do you resolve issues with Power BI reports that fail to refresh automatically on the Power BI service?

In order to fix the Power BI ...READ MORE

answered Nov 4 in Power BI by pooja
 • 4,690 points 44 views
0 votes
1 answer

Displaying Table Schema using Power BI with Azure IoT Hub

Answering your first question, Event Hubs are ...READ MORE

answered Aug 1, 2018 in IoT (Internet of Things) by nirvana
 • 3,130 points 1,311 views
+1 vote
1 answer

Unable to install connector for Power Bi and PostgreSQL

I think the problem is not at ...READ MORE

answered Aug 22, 2018 in Power BI by nirvana
 • 3,130 points 2,722 views
+2 votes
2 answers

Migrate power bi collection to power bi embedded

I agree with Kalgi, this method is ...READ MORE

answered Oct 11, 2018 in Power BI by Hannah
 • 18,520 points 1,492 views
+1 vote
1 answer

Connect power bi desktop to dataset and create custom reports

Yes using Power BI REST API to ...READ MORE

answered Sep 18, 2018 in Power BI by Kalgi
 • 52,350 points 1,646 views
0 votes
1 answer

Autorefresh the Power BI report with import Query

You should publish the report from the ...READ MORE

answered Feb 10, 2022 in Power BI by CoolCoder
 • 4,420 points 752 views
0 votes
1 answer

Power BI dataset and Excel on Mac OS

Because Excel for MacOS isn't supported, connecting ...READ MORE

answered Feb 18, 2022 in Power BI by CoolCoder
 • 4,420 points 2,569 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.