Recently I have been trying to make Power BI APIs work with service principal authentication. All steps mentioned in this article are done:
- an Azure AD app is registered (service principal created)
- an AD security group is created, the app is added to this group
- a Power BI admin has enabled service principal access in the admin portal
- the service principal and the security group are added to the workspace (and granted the admin role)
I am able to generate an access token using the POST method for https://login.microsoftonline.com/common/oauth2/token (screenshot below).
The issue is that whenever this token is used for any further calls (I have tried both non-admin and admin APIs - when it comes to admin ones, I only tested the supported APIS - can be seen in this article, I am shown the 401 unauthorized error.
So, my question is:
did I overlook a security setting in Azure perhaps? Our company uses MFA, but service principals can not use that from what I have found on the internet/in the documentation. Or is the generated token invalid somehow?
