Power BI Embedding in iframe with OAuth

Hi,

I am looking to embed a Power BI report in a Perspective iFrame component and have it automatically authenticate using a service principal object from our Azure AD environment.

I am loosely basing my steps off of this process, for reference.
Power BI Embedded Implementation using Service Principal and Python (alphabold.com)

Through the scripting module and the urllib2 library, I am able to successfully authenticate (OAuth2) and then retrieve the embed URL and embed/access tokens with a series of REST calls to the APIs that Power BI provides. The final REST call to get the embedded report is below. I am using a Bearer token to authenticate:

embedUrl = system.net.httpGet(str(embedConfig['embedUrl']),headerValues= {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + str(embedToken['token'])})

Then, I am using Web Dev module to retrieve the html from that call so that the iFrame source can refer to it.

DoGet in Web Dev:

	embedUrl = powerBI.testpowerbi()
	embedUrl = system.util.jsonDecode(embedUrl)
	return {'html': str(embedUrl)}

iFrame source property pointed to the WebDev resource:

http://[server]:[port]/main/system/webdev/[project]/powerBI

Now when the iFrame loads, it is just waiting for the Bearer authorization tokens and keeps spinning.

My question here is whether anyone has done this before or if it is possible in Ignition. Microsoft provides a Javascript based API for custom applications that specifically attaches the necessary embed data to the HTML element. I am essentially trying to replicate that API in our Ignition environment in order to automatically authenticate the embedded report.
Embed a report in Power BI embedded analytics | Microsoft Learn

1 Like

Any luck here? Been considering doing this myself. I am thinking about a local nodeJS app to handle the auth and rendering and just HTTP calling that in my iFrame

Unfortunately, no. Not without a separate application (such as a nodeJS app like you mentioned) to handle the authentication using Microsoft's APIs. We were trying to avoid doing this using a separate app.

That's what I figured - thank you!