The following guide describes the process of configuring a Master User account to authenticate with Power BI. The steps described in this article may require elevated privilege's in your Power BI environment. We recommend working with your internal Power BI administration team to setup this account.
Note: We recommend authenticating to Power BI utilizing Service Principals. To setup authentication with a Service Principal please see Setup a Power BI Service Principal
Steps:
1. Register new Azure AD application by visiting https://app.powerbi.com/embedsetup
2. Select "Embed for your organization"
3. Click Sign in and log into your Power BI account.
4. Enter an application name. Example: QuerySurge Integration
5. Enter a Home Page URL. This URL is informational, we suggest using your company's home page
6. Select "Use a custom URL"
7. Enter a Redirect URL. This URL is triggered only once when authorizing the QuerySurge integration. We suggest using your companies home page.
8. Select the below permissions. Its important to note that QuerySurge will ONLY need read permissions
9. Select Register
10. Copy Application ID and Secret (Note: Application secret should be kept in a secure location) and click Skip
11. Click Skip.
12. Navigate to https://login.microsoftonline.com/common/oauth2/authorize?
client_id=<ENTER YOUR APPLICATION/CLIENT ID>
&response_type=code
&redirect_uri=<ENTER YOUR REDIRECT URL>
&response_mode=query&scope=openid&state=12345
13. Click Accept. You will be redirected to your Redirect URL.
14. Open the Azure Portal (https://portal.azure.com/)
15. Click App registrations
16. Locate and select the Application Name used to register the app.
17. Select Authentication
18. Scroll and select "Allow public client flows"
19. Ensure that tied account has Member access to Power BI workspaces to be tested.