Power BI Header Auth

Work with the Power BI API using header authentication

Actions24

Admin Actions
- Get Info
- Get Scan Result
Dashboard Actions
Dataset Actions
Group Actions
Report Actions
Token Actions

Overview

This node facilitates working with Microsoft Power BI API using header-based authentication. Specifically, for the Token - Generate Auth URL operation, it generates an OAuth2 authorization URL for Microsoft Entra ID (formerly Azure AD). This URL is used to initiate the OAuth2 authorization code flow, allowing users to authenticate and consent to permissions requested by a registered application.

Common scenarios include:

Automating the OAuth2 login process for Power BI integrations.
Generating a user-consent URL dynamically within workflows.
Simplifying the setup of OAuth2 flows by programmatically creating the authorization URL with required parameters.

For example, you can use this node to generate a URL that your users visit to grant access to their Power BI data, after which you can exchange the authorization code for tokens in subsequent steps.

Properties

Name	Meaning
Authentication Token	Bearer token for authentication (without the "Bearer" prefix). Used internally for API calls.
Authorization URL	Base URL for Microsoft Entra ID authorization endpoint. Default: `https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize`
Client ID	Application client ID registered in Microsoft Entra ID.
Response Type	The type of response expected from the authorization endpoint. Commonly `"code"` for authorization code flow.
Redirect URI	The URI where the authorization response will be sent after user consents.
Response Mode	Specifies how the authorization response should be returned. Options include `"query"` or `"form_post"`.
Scope	Space-separated list of scopes that you want the user to consent to, e.g., `"openid profile email"`.
State	Optional value included in the request and returned in the response to prevent CSRF attacks.

Output

The node outputs a JSON object containing the generated authorization URL string. This URL includes all necessary query parameters constructed from the input properties, such as client ID, redirect URI, response type, scope, state, and response mode.

Example output JSON structure:

{
  "authUrl": "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=...&response_type=code&redirect_uri=...&scope=openid&response_mode=query&state=..."
}

No binary data is produced by this operation.

Dependencies

Requires a valid Microsoft Entra ID (Azure AD) application registration with appropriate redirect URIs configured.
No external API keys are directly required for generating the auth URL, but subsequent token exchange operations require client secrets and tokens.
The node expects an authentication token parameter internally for other operations, but for generating the auth URL, it primarily constructs the URL based on provided inputs.

Troubleshooting

Missing or invalid client ID: Ensure the client ID matches the one registered in your Microsoft Entra ID app.
Incorrect redirect URI: Must exactly match one of the redirect URIs registered in the app; otherwise, authorization will fail.
Invalid scope format: Scopes must be space-separated strings recognized by Microsoft Entra ID.
State parameter issues: If used, ensure it is unique per request to prevent CSRF attacks.
Empty or missing required parameters: The node requires all mandatory fields; missing any will cause errors.

Common error messages:

"Token de autenticação é obrigatório." — Means the authentication token was not provided when required.
Errors related to malformed URLs or missing parameters usually indicate misconfiguration of input properties.