Power BI Desktop - Storing credentials - rest

I am fetching POWER BI admin and workspace information using the Power BI Rest API from the power BI Desktop which I plan to publish as a report later. I have written a function in Power Bi query editor to generate an access token which I am calling in my REST API call. All this works fine. But, how can I secure my function to generate access token. Currently, the username and password are being hardcoded in the function.
What is the best practice and how to make this more secure.

I solved a similar problem a while ago and found the best solution to be using this Power BI REST API Connector:
Article describing the connector: https://www.thepoweruser.com/2021/02/21/power-bi-rest-api-connector/
Github: https://github.com/migueesc123/PowerBIRESTAPI

Related

Do we need to configure any specific settings in OBIEE to access BI Publisher via SOAP or REST API's?

We are trying to access BI Publisher reports that are created in our OBIEE (Oracle Business Intelligence Enterprise Edition) via SOAP or REST API's.
When we try to access a report directly via browser UI (https://xx.xx.xx.xxx:443/xmlpserver) we are able to view (or attain) the results.
However, we were not able to achieve it via either of the API's (SOAP or REST).
We are suspecting any configuration (or settings) needed on the OBIEE end, but unable to figure out the root cause that is blocking (frequently returning random errors) the API calls.
Please advise on the settings needed.

How to Extract Jira test results data using azure data factory..?

I am facing the issue with extrct projects test results data from Jira using API in azure data factory.
Please help me on this..
I don't have experience using XRAY API, but I have made other API calls via ADF. Based on Xray documentation you would need to make two API calls in ADF.
Get Access Token/API Key
Use Access Token to Get Test Results
Theoretically it would look something like this using these links:
https://docs.getxray.app/display/XRAYCLOUD/Authentication+-+REST
https://docs.getxray.app/display/XRAY/Tests+-+REST#TestsREST-GettingallTestsstatuses
Step 1: Get Access Token (refer to link and screenshot here)
Step 2: Use Access Token to get Test Results (refer to link and screenshot)
This should be pretty close to what you need, but I am unable to test since I don't use xray, but I hope this helps.

How Acumatica Cloud ERP integration works for third party application?

We have an application developed with react and NodeJs and already implemented an MYOB cloud ERP integration to import data. Now we are planning to add a new ERP integration for Acumatica, in the developer document it was mentioned that the rest API is available but I can't find the cloud instance URL, everywhere it was mentioned as localhost only. So can anyone please help me to understand how to connect the Acumatica cloud to fetch details?
Note: I understand the authorization flow like Authorization Code but I'm confused with which URL to use for and I hope it should be a fixed one as it is a cloud URL
The Integration end points is a rather large topic. I am in the process of writing a blog post on it which is more or less a getting started blog on automating stuff and getting info via ReST. The blog itself is in the context of using these services via PowerShell but if you are able to follow along and get to the point of establishing postman examples of what you need to do you should be able to get to the same end result in any language.
You will want to explore The Web Services Endpoint screen in the integration module as this is where all the Contract Based Soap/ReST definitions are managed. You can even set up custom endpoint if you need.
Do you have access to the Acumatica Portal? The best way to get started is with some of the course work there.
Stand by and ill forward some information for you to get started.
Robert
The URL for the RestAPI is whatever is the site URL of your Acumatica instance. For example if your Acumatica is hosted in www.ManiMaran.com. To login to your API :
http://ManiMaran.com/entity/auth/login.

How does one secure a tableau report when it is embedded in a web application?

I'm new to Tableau and was wondering if someone could explain to me how report data is secured when the report is embedded in a website or web application (e.g. ASP.NET)? From my research, it looks like there are two ways to embed a Tableau report:
Using an iFrame
Through the Tableau JavaScript API
Neither of these methods seem very secure, however, without requiring the user to log in to the Tableau server, which would require a double-login (first login to the web application and then a second login to the Tableau server) and thus be undesirable.
Can someone post a link, or otherwise help me to understand how security works with Tableau reports? I am really impressed with Tableau, but don't understand this aspect yet.
Thank you in advance.
Environment:
IIS server
ASP.NET MVC web application utilizing Windows Authentication
You'll want to look into using what Tableau calls "Trusted Authentication." There are a few methods they give you to accomplish this, so it will depend mostly on your configuration.
The general idea is that you authenticate once with Tableau server and it returns a ticket that you can use (usually for the duration of the session). With that, you can essentially imitate any user, so if you have user-specific data it will work as though they logged in.
You will need administrator access to your Tableau server to configure this.
Here are the docs for Trusted Authentication:
http://onlinehelp.tableau.com/current/server/en-us/trusted_auth.htm

Power BI , rest source , authentication and access (users)

I am fairly new to Power BI. I have two questions/clarifications:
Question 1:
I was wondering What type authentication is supported by Power BI datasets. I will explain with an example below:
Consider I have a Power BI dataset and some charts (a dashboard) in Power BI. The datasource is Rest WCF service on my premises. The users are my organizational users. The OData service is an HTTPS endpoint. I was wondering if authentication would work in that case? Would I be able to authenticate the user in this case. As my knowledge goes if the call to my rest service has a token in header, I would be able to call my STS and validate the user.
My question is when the dataset is refreshed, the call to my service (which is made from Power BI) does it also include a Token in the call header. I am assuming it would be because the user is already logged on to power BI using his/her organizational credentials. Can someone please confirm.
Question 2:
This question is again about user access/authentication. Consider that my organization has many users which have different level of access to data (some users would see more data/ some less based on user id). I develop some power BI datasets (models) and some dashboards. I as developer have access to all data, so essentially see all data. I then share them to end users.
The question is when any user uses the shared dashboards and refreshes the dataset, will his access (authentication) work and he sees only those data that he should ?
I am confused as to how this would work. Is it that when an user adds a shared dashboard into his profile, would he/she have his own copy of the dashboard/dataset or will it be an shared one. If it is a shared one then I guess the access thing would not work.
Please advise/suggest.
Girija
First question: if your data sources uses basic authentication it should work. You would build your Excel file or Power BI Desktop file to point to your data source, ensure it refreshes and then publish to the Power BI service. If you're looking for OAuth, then that is not something you can do on your side yet.
Second question: depends on how you implement your solution. If you're using the a REST API, the data is retrieved as the user who entered their credentials. So if you share your report built on your data source, then the people you share with see your data. However, if you use something like Analysis Service tabular as the data source, you can implement row level security in Analysis Service tabular, your users would instead login as themselves and see just the data they have permission to.