Application Configuration in Azure Portal for OAuth2 Account to use in Power BI

Owned by Kalpana Malladi
Last updated: Feb 16, 2024 by Gouri Bhagchandani
5 min read

  In this article

Overview

The Snaps in the Azure Active Directory Snap Pack require an OAuth2 account to access the resources in Azure. For the OAuth2 account to authorize successfully, create, and configure an application corresponding to the account as shown in the workflow.

Steps one to three are done in the Azure Portal and the remaining steps are done in the Snap account (SnapLogic Platform).

Prerequisites

An Azure account with a free subscription to create the application.

Key Steps in the Workflow

Create an Application in the Azure Portal

  1. Log in to the Microsoft Azure Portal.

  2. Navigate to Azure services > Azure Active Directory.

  3. Navigate to Add > App registration.

  4. On the Register an application page, specify the name for registering the application and click Register. Learn more about creating an application at Quickstart: Register an app in the Microsoft identity platform - Microsoft Entra.

To use an existing application, navigate to Portal Home > Azure Active Directory > App registrations > All applications. In the search box, specify the application name you want to use. Details on the application display in the search list.

Define Permissions

  1. On the left navigation panel, navigate to Manage, select API permissions > Add a permission.

  2. Select Microsoft Graph > Application permissions for the OAuth2 Application Account on the Request API permissions window.

  3. Select the permissions from Files, Users, and Teams. Choose the minimum API permissions listed under Scopes and Permissions Required for Power BI.

  4. Click Add Permissions. View all the permissions added under Configured permissions.

  5. Click Grant admin consent confirmation and select Yes.

  6. Click Overview and select Add a Redirect URI. You will be redirected to the Platform configurations page.

    1. Under Platform configurations, click Add a platform.

    2. Select Web and specify a valid Redirect URI https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/PowerBI and click Configure. A popup message displays indicating that the application is successfully updated.

  7. On the Platform configurations page, click Save.

Locate the Application Credentials in the Azure Portal

To authorize your account in SnapLogic, you must have the following application credentials:

  • Application (Client) ID

  • Directory (Tenant) ID

  • Client secret value

  1. On the application page, under Essentials, note the Application (client) ID and Directory (tenant) ID needed for the Snap account.

  2. In the left navigation panel, select Manage > Certificates & secrets.

  3. On the Certificates & secrets page, click + New client secret.

  4. In the Add a client secret window, enter the Description, select an option for Expires from the dropdown list, and click Add. 

    The Client secret value and ID are generated. This value and the ID are required to configure the OAuth2 account.

You can copy the Client secret value only after it is generated. Note that this value is displayed only once, so ensure to copy it securely.

Scopes and Permissions Required for Power BI

Application permissions

Application permissions

Permission

Display String

Description

Admin Consent Required?

Application.Read.All

Application.Read.All

Allows the app to read applications and service principals on behalf of the signed-in user.

Yes

AppCatalog.Read.All

AppCatalog.Read.All

Allows the app to read the apps in the app catalogs.

No

Specify the Credentials And Validate the Snap account

  1. Navigate to the Snap of your choice and configure the OAuth2 account with the details from the Azure portal's registered application. Refer to the Power BI OAuth2 account.

  2. Select the Auto-refresh token checkbox in the account settings and click Apply.

  3. Click Authorize. The Access and Refresh tokens are generated. You will be redirected to the sign-in page of the Azure Portal.

  4. Sign in to Azure Portal with valid credentials to redirect to the Snap Edit account settings dialog. The Access and Refresh tokens are auto-populated but encrypted in the Account settings.

  5. Validate the Snap Account.

Troubleshooting

Common Errors

Reason

Response

Common Errors

Reason

Response

Error 401

Token is invalid

Provide a valid token and reauthorize the account.

The redirect URI specified does not match the reply URI configured for the application.

Incorrect redirect URI specified by user.

Add the following redirect_uri:
https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/PowerBI

URL error when invoking the operation

Ensure the tenant domain name is correct.

Ensure that Directory (tenant) ID noted from the application is in the correct format.

Example: 2060aafa-89d9-423d-9514-eac46338ec05

Frequently Asked Questions

Yes, you can register a new application or use an existing application in the Azure portal to create an OAuth account. Refer to the configuration documentation key flow Create an Application in Azure Portal. For more information, refer to Register a client application in Azure Active Directory for the Azure Health Data Services

In our configuration documentation, the key workflow Locate application credentials in the Azure Portal highlights the Application ID, Client ID, and Secret key values. For more information, refer to Power BI OAuth2 Account.

For any support, contact the support team. The help icon in the Snap provides referential information with the selected Snap from the application.

The Scopes and Permissions Required for Azure Active Directory specify the Delegated and Application permissions details. For any other permissions that are needed for the application, refer to Microsoft Graph permissions reference - Microsoft Graph

You can use the Power BI OAuth2 account to connect Power BI Snaps with data sources. For more details, refer to Power BI OAuth2 Account.


Related Links

Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.