microsoft / Analysis-Services

Git repo for Analysis Services samples and community projects
MIT License

BismNormalizer deployment with delegated permission and OAUTH token #189

Closed Yavari closed 1 year ago

Yavari commented 1 year ago

We are trying to set up auto deployment in Azure DevOps but have encountered an issue I hope you can help me resolve.

I have first tried to use BismNormalizer with a system account and receive:

Microsoft.AnalysisServices.Authentication.NonInteractiveLoginException: Unable to obtain authentication token using the credentials provided. If your Active Directory tenant administrator has configured Multi-Factor Authentication or if your account is a Microsoft Account, please remove the user name and password from the connection string, and then retry. You should then be prompted to enter your credentials.

We have then switched to an App Registration that we use to refresh the PowerBI dataset and I receive:

--Comparing . . .
The following exception occurred:
Microsoft.AnalysisServices.ConnectionException: PowerBI Request Failed.

Action: Resolving the PBI workspace

Description:

Technical Details:
RootActivityId: fd4cecf7-****-****ac87-a88756ffa06a ---> System.Net.WebException: Fjärrservern returnerade ett fel: (401) Behörighet saknas.

What API/Permissions do I need to add to the App Registration to get it to work? Do I need to add the Application permission Tenant.Read.All? That could be an issue for me since I don't think our Admins would allow it.

We have solved the dataset refresh call by using an OAUTH token based on our system account and app registration, where we have added delegated permissions Dataset.Read.All and Dataset.ReadWrite.All to the App Registration.

We can add as many delegated permissions as needed. My question is therefore: can we use BismNormalizer with an OAUTH token, and which delegated permissions do I need to add?

christianwade commented 1 year ago

Hi Yavari,

I'm assuming your dataset is in Power BI Premium (not AAS).

You should be able to use service principals. The permissions are the same as what you would need to execute TMSL scripts for metadata changes/refreshes from SSMS (this is all BISM Normalizer/ALM Toolkit is doing). Please see docs here and here.

Once you get it working from SSMS, then you should be able to specify the SPN creds for unattended execution using the command line arguments listed on Page 32 of this doc.

Hopefully that works for you.

Christian

Yavari commented 1 year ago

Thank you. Your link helped me. I thought we were using the App Service APIs.