Power Query Facebook Access Token - excel

I am trying to query the feed of a Facebook group page using Microsoft Power Query.
This particular query requires an access token. I have tried it out successfully in Facebook's Graph API Explorer, however it seems that Power Query does not include the access token when querying the Facebook Graph API. Thus Power Query is returning the "[DataSource.Error] The returned value has no columns." message. Any ideas on how to include\refresh the access token within Excel?

Power Query absolutely does include the access token when using the Facebook Graph API. However, the set of queries that Facebook allows us to run is considerably smaller than what you can do via the API explorer. This is probably why you don't get any data.
I find that the best way to explore or troubleshoot this kind of issue is to use a tool like Fiddler to see the network traffic as the requests are made.

Related

3-Legged OAuth2 Authorization code flow for Excel?

This might be a long shot, but I'm using the MYOB Business API which has the same OAuth authorization flow as the LinkedIn API - 3-legged - and am planning on making queries to it through Excel, most likely power query.
The big issue with this is obviously dealing with the sending and receiving of the code=, access_token and refresh_token. Most of the searches I've done relating to using Power Query and OAuth seem to only deal with username and password OAuth and not the authorization flow, shown here https://developer.indeed.com/docs/authorization/3-legged-oauth.
I'm curious if there is Power Query M Language code out there that I haven't come across or if I have to go the route of building an OData Feed (or another method?) on top of the API so that it can be queried in Excel?
Any help or further direction would be appreciated.
I should also note they have a website containing their Postman collection using different languages here; https://accountrightapi.myob.cloud/?version=latest#f2b93dfa-803f-44b9-8a07-756874494227
The short answer for Excel is: No, but Asterisk.
Excel Power Query doesn't support custom connectors (as of 2022-02-07)
To securely use Auth2 flow, it requires a custom connector
There is some built in support, if the connector supports it. ( Like Web or OData)
Here's a summarized version of Chris Web. (He's a Power Query Wizard) Connecting To REST APIs With OAuth2 Authentication In Power Query/Power BI # blog.crossjoin.co.uk
the definitive, Microsoft-endorsed answer to this question is:
If want to connect from Power BI to a REST API that uses OAuth2 authentication then you need to build a custom connector.
You can use OAuth2 credential flow in regular Power Query queries without needing a custom connector.
this is not recommended: it’s not secure and it’s not reliable. In particular, hard-coding usernames/passwords or client ids/client secrets in your M code is a really bad idea
The only exception is that you can connect to some APIs that use AAD authentication using the built-in web or OData connectors
To use a custom connector in the Power BI Service, it requires an on-premises gateway
How to implement OAuth2 flow
Creating a Custom Connector
Using built-in OAuth2 flow using with Azure Active Directory using the Web and OData connectors
I used excel VBA code to handle the MYOB API connection by invoking MS Edge, with Seliumn Basic drivers.
VBA then executes the MYOB API Connector Add-On.
VBA receives the database files I require from MYOB and writes them to a.txt file location on my PC.
VBA then refreshes the data connections for Power Query which runs the M Code I’ve written in advanced editor.
When I close excel, VBA closes all the connections and MYOB add on connector.

How to use Power BI REST API's in Azure Data Factory

I am trying to create a list of all the workspaces and the reports contained in each one of them for a documentation project.
I found online that we can use this to get the workspaces, I wanna use it with a "web" activity:
https://api.powerbi.com/v1.0/myorg/groups
And then I want to use the IDs we get in the output with a foreach and another web activity inside of it and use this to get the reports in each workspace, then copy it somewhere (datalake or DB) :
https://api.powerbi.com/v1.0/myorg/groups/{groupId}/reports
But I don't know how to configure the activity and the authentication.
If there is a better way like connecting directly to Power BI I'm all ears, I tried to do a get data from web source but I don't have any "key" for API and organization authentication doesn't work.
When I run the code here: https://learn.microsoft.com/en-us/rest/api/power-bi/groups/getgroups it works perfectly.
Thanks in advance
'But I don't know how to configure the activity and the authentication.' For this question, I'm not sure if you don't know how to use access token to call an API.
Register an azure ad application with the api permission of 'https://analysis.windows.net/powerbi/api/Workspace.ReadWrite.All'
so that you can generate an access token by this application with
this scope. Add api permission.
Use ropc flow to generate an access token. This flow contains user information so that your api could know who you are to return correct groups.
Add 'Authorization' in request head with value of 'Bearer accessToken' to call the api.
ropc flow 1.0:

Retrieving user's calendar events in Microsoft graph using application permissions

I'm trying to build a small application that can retrieve a particular user's calendar events without a signed in user, that is to utilize the application permissions in Graph API and query the events by authenticating with App ID, Tenant ID and Secret values. I was able to follow this documentation https://learn.microsoft.com/en-us/graph/auth-v2-service and generate JWT tokens to query the graph API. And it worked fine when i tried to retrieve all the users information, or even retrieve a particular users information using the following paths.
/users
/users/{id | userPrincipalName}
Both the above endpoints worked fine and i was able to retrieve details, but when i tried to access the calendar events of a particular user using the following Graph API path
/users/{id | userPrincipalName}/events
I get the following error,
I'm not sure what i'm doing wrong here, i have the following Application permissions set up in Azure AD Portal and the permissions are reflected in the JWT token.
I feel like the token generation part is working fine since the first two Graph API endpoints i mentioned above are functional, but I'm not sure where else I'm going wrong and as to why I'm not able to retrieve a particular user's calendar events. Any help would be much appreciated.

Getting 403 Forbidden when Authenticating Non-Interactively to Azure REST API for PowerBi Embedded Report

I am new to both Azure ActiveDirectory as well as Power Bi Embedded.
I have an ASP.net WebForms app that I would like to display some PowerBi Reports in. When I authenticate interactively, all works well, I get my token and am able to access my report. (Follwing the excellent examples found on GitHub) These examples are interactive logins and use the AcquireTokenByAuthorizationCode() method.
However, I don't want my users to have to create / login with any account, just want to render the report for their consumption.
So I have setup a ClientCredential (cc) with my clientID and clientSecret. Am using this with the AquireToken method thusly:
token = AC.AcquireToken("https://analysis.windows.net/powerbi/api",cc).AccessToken;
This successfully gets me a token, however, when I add that to the request header:
request.Headers.Add("Authorization", String.Format("Bearer {0}", accessToken.Value));
The Response always fails with a "403 Forbidden" error at:
using (var response = request.GetResponse() as System.Net.HttpWebResponse)
{}
I've looked at other examples, many are using the async methods to aquire a token, which I am not.
Can anyone advise on how I can get past these 403 errors so I can simply serve up reports to my users (I don't want to publish them publicly, due to security concerns).
Thank you kindly in advance!
Doh, I was doing it wrong! Azure Login is not necessarily required to embed reports securely. The 3rd link below is included because my app is not MVC but WebForms, and Mr. Mikami shared a nice code sample which I tweaked to help me achieve my goal.
For anyone else looking to use Power Bi Embedded to embed reports, and authenticate non-interactively, these 3 links helped get me there.
Get started with Microsoft Power BI Embedded
Get started with Power BI Embedded sample
Power BI Embedded using Web Forms and Row Level Security

Power BI Data Source with Refresh ability

I am trying to setup a data set in Power BI which can be refreshed on a need basis or scheduled to refresh.
I am uploading an excel workbook which has a power query.
the power query is connecting to Replicon Service to get data via service. the query looks as below:
Source = Web.Contents(
"https://na2.replicon.com/services/ClientService1.svc/GetActiveClients",
[
Headers=
[
#"Authorization"="Bearer *ValidToken*",
#"Accept"="application/json",
#"Content-Type"="application/json"
],
Content=Text.ToBinary("{}")
]
)
the request is a POST operation and hence Content field is used in Web.Contents Options argument. Authentication is via Bearer token.
Data source setting is Anonymous Credentials with privacy Level set to None.
This works fine and I am able to retrieve the results and even refresh form within workbook.
Once I upload this to PowerBI and attempt to refresh the newly created Dataset it says:
You cannot refresh yet because you need to provide valid credentials for your data sources in the dataset.
So I go to Manage Data sources. Click Edit Credentials. Select "Anonymous" Authentication method and click on Sign In and it says "Login Failed".
Why is that so? It appears that the Headers are lost when I upload the Excel workbook. How can I accomplish this? Is there any alternate ways of being able to set up a Data Set which can be refreshed - the source being a web service?
this is what i ended up doing finally.
my scenario first:
my requests are POST
Authentication is via bearer token which needed to be passed via Request Header. this was the requirement of the replicon service i am trying to invoke which i couldn't change
the dataset that is created in PowerBI needed to be refreshable.
Since i couldn't get it to work directly from inside PowerBI i introduced an intermediate layer. this would interpret GET requests from PowerBI. process the token from query string. accept the service and operation also as query string parameters. it would then create POST request to the Real Service (replicon services in my case). the service name and operation names were also picked up from request URL. the token was pushed as part of request header
so the request from PowerBI would look as PowerBI needed i.e.
Web.Contents("https://intermediatelayer.com?access_token="*validtoken*"&ServiceName="ClientService"&Operation="GetActiveClients"")
not an ideal solution but works.
Manage Data Sources is validating the Anonymous credentials with a GET request to the URL without the hardcoded headers, like you suggest. It's basically running
Web.Contents("https://na2.replicon.com/services/ClientService1.svc/GetActiveClients")
which fails with "(405): Method Not Allowed", and so Manage Data Sources thinks the credentials are wrong.
Short of making the service reply with a success response for the above M, I don't see any way to set up refresh on this mashup.

Resources