Skip to content

Get a Refresh Token

Tldr

Authorization flow: auth code flow

References

See here for details: oauth-auth-code-flow

The following works:

URL to generate code:

https://login.microsoftonline.com/common/oauth2/authorize?client_id={{client_id}}&response_type=code&redirect_uri=https://localhost:44300/&response_mode=query
  1. In the client's edge browser profile:

    1. replace {{client_id}} with your client id
    2. call this url and authenticate. Grant consent if you are asked (unlikely).
    3. copy the new url from the address bar, and paste it into Notepad++
    4. copy the code
      pbi-proxy-refresh-token-copy-code.png
  2. In postman:

    1. copy the auth flow calls from another installation (e.g. #hbt or #die)
    2. replace the variables, including client id, secret, tenant, redirect, and code
    3. generate the refresh token by sending the request
    4. if everything worked, you will get a response containing an access token and a refresh token
      pbi-proxy-refresh-token-postman.png
  3. Do this twice, once for a refresh token for postman (to debug), once for a refresh token for Azure, to store in the KeyVault.

Get an Embed Token

To test if everything works, we are getting an embed token from the Power BI REST API, in postman.

  1. Copy the embed token folder from another client

  2. replace the workspace id and the report id in the URL

  3. replace the datasetId in the body

  4. Send

  5. If everything worked, you will get a token

Checklist

  • You have a refresh token for Postman. It is stored in the collection variables
  • You have a refresh token for Azure. It is stored in the response of the request, for later use
  • You can get an Embed token in Postman