🔬
EmbedFAST: Technical Documentation
  • EmbedFAST: Technical Documentation
  • Version updates
    • Version 2.0
  • Redeploying for version updates
  • Setting up
    • Prerequisites
      • Set up Power BI
      • Set up Azure
      • Install PowerShell modules
      • Install Azure CLI
      • Install Bicep CLI
      • Set up the Integrated Development Environment (IDE)
    • Pre-deployment
      • App registration for EmbedFAST API Auth
        • Create an app registration
        • Add API permissions
        • Add a scope
        • Create an app role
      • App registration for Power BI Service
        • Create an app registration
        • Add API permissions
          • Microsoft Graph
          • Power BI Service
        • Power BI capacity administrator
      • Microsoft Entra security group
      • Power BI Tenant settings
      • Capacity settings
    • Deployment
      • Deploy from Azure Marketplace
      • Manual deployment
    • Post-deployment
      • Add the redirect URIs
      • Assign admin roles
      • Generate a token using Postman
        • App + user token
        • App-only token
      • Launch the web app
  • RESOURCES
    • EmbedFAST architecture
    • User API documentation
      • Asset
        • Asset - Retrieves assets
      • Bookmark
        • Bookmark - Retrieves bookmarks for a specific report
        • Bookmark - Creates a bookmark for a report
        • Bookmark - Retrieves details of a specific bookmark
        • Bookmark - Updates a bookmark's details
        • Bookmark - Deletes a bookmark for a report
        • Bookmark - Retrieves bookmarks for a report
        • Bookmark - Creates a shared bookmark for a report
        • Bookmark - Removes user access from a bookmark
      • Branding Detail
        • Branding Detail - Retrieves branding-related details
      • Dashboard
        • Dashboard - Retrieves a list of dashboards
        • Dashboard - Retrieves details of a specific dashboard
        • Dashboard - Deletes a dashboard by its ID
      • Dataset
        • Dataset - Retrieves a list of datasets
        • Dataset - Retrieves details of a dataset by its ID
        • Dataset - Deletes a dataset by its ID
      • Embed Token
        • Embed Token - Generates an embed token for reports
        • Embed Token - Generates an embed token for a dashboard
        • Embed Token - Generates an embed token for creating datasets
        • Embed Token - Generates an embed token for all assets
      • Export
        • Export - Retrieves the status of export-related details for a report
        • Export - Initiates the export process of a report
        • Export - Provides a downloadable stream for a report
        • Export - Provides a downloadable report with a specified filename
        • Export - Retrieves details of previous exports
      • Report
        • Report - Retrieves a list of reports or paginated reports by type
        • Report - Retrieves details of a specific report by ID
        • Report - Clones a report by ID with provided details
        • Report - Deletes a Power BI report by ID
        • Report - Saves a Power BI report by ID into the application
        • Report - Retrieves a list of shared or paginated reports for the user
        • Report - Shares a report with a user
        • Report - Retrieves users for sharing a report
        • Report - Un-shares a report with a user
      • Report Subscription
        • Report Subscription - Retrieves subscriptions by report by ID
        • Report Subscription - Creates a subscription by report ID
        • Report Subscription - Updates a subscription
        • Report Subscription - Deletes a subscription
        • Report Subscription - Sends an email for a subscription
      • Theme
        • Theme - Retrieves themes for a tenant
        • Theme - Retrieves details of a theme for a tenant
      • User Detail
        • User Detail - Retrieves users for a tenant
        • User Detail - Updates current user preferences
    • Admin API documentation
      • Branding Detail
        • Branding Detail - Retrieves brand details
        • Branding Detail - Creates brand details
        • Branding Detail - Updates brand details
        • Branding Detail - Deletes brand details
      • Capacity
        • Capacity - Retrieves a list of capacities
        • Capacity - Retrieves capacities for a resource group
        • Capacity - Starts a paused capacity
        • Capacity - Pauses a running capacity
        • Capacity - Assigns a capacity to a tenant
        • Capacity - Unassigns a capacity from a tenant
        • Capacity - Refreshes capacities for all tenants
        • Capacity - Refreshes capacities for a specific tenant
      • Clean Up
        • Clean Up - Cleans up old and unnecessary database entries
      • Group
        • Group - Retrieves groups for a tenant
        • Group - Creates a group for a tenant
        • Group - Retrieves details of a group for a tenant
        • Group - Updates a group for a tenant
        • Group - Deletes a group for a tenant
        • Group - Retrieves users for a group
        • Group - Removes users from a group
        • Group - Adds users to a group
        • Group - Retrieves assets for a group
        • Group - Revokes access to assets for a group
        • Group - Assigns access to assets for a group
        • Group - Updates access permissions for an asset in a group
      • Role
        • Role - Retrieves roles from the system
        • Role - Creates a new role
        • Role - Updates an existing role
        • Role - Deletes a role by ID
      • Tenant
        • Tenant - Refreshes asset details for a tenant
        • Tenant - Retrieves asset details for a tenant
        • Tenant - Retrieves a list of tenants
        • Tenant - Creates a new tenant
        • Tenant - Retrieves details of a tenant
        • Tenant - Updates the name of a tenant
        • Tenant - Deletes a tenant
        • Tenant - Retrieves users for a tenant
        • Tenant - Updates the default theme for a tenant
        • Tenant - Onboards a workspace as a tenant
        • Tenant - Onboards users to a tenant
        • Tenant - Retrieves available workspaces for onboarding
        • Tenant - Checks tenant name availability
        • Tenant - Checks updated tenant name availability
        • Tenant - Binds a dataset to a report for a tenant
        • Tenant - Retrieves a tenant's bound report and dataset
        • Tenant - Retrieves a list of a tenant's bound reports and datasets
        • Tenant - Retrieves users with tenant-level roles
        • Tenant - Assigns tenant-level access to a user
        • Tenant - Updates tenant-level user access
        • Tenant - Revokes tenant-level user access
        • Tenant - Retrieves user details for onboarding
        • Tenant - Adds report parameters to a report
        • Tenant - Updates report parameters for a report
        • Tenant - Deletes report parameters from a report
        • Tenant - Refreshes a dataset
      • Theme
        • Theme - Retrieves a list of themes for a tenant
        • Theme - Creates a new theme
        • Theme - Retrieves details of a theme by ID
        • Theme - Updates a theme by ID
        • Theme - Deletes a theme by ID
        • Theme - Assigns themes to a tenant
        • Theme - Unassigns themes from a tenant
        • Theme - Duplicates a theme with a new name
      • Trace
        • Trace - Records trace information
      • User
        • User - Retrieves user details by ID
        • User - Deletes a user
        • User - Retrieves a list of users with filters
        • User - Creates a new user with assigned assets
        • User - Assigns assets and a tenant to a user
        • User - Updates a dynamic dataset for a user
        • User - Deletes a dynamic dataset for a user
        • User - Revokes assets and tenant from a user
      • Workspace
        • Workspace - Retrieves users with workspace access
        • Workspace - Adds a user to a workspace
        • Workspace - Updates user access to a workspace
        • Workspace - Revokes user access from a workspace
    • Free app upgrades/updates
    • Best practices for resource handling
    • FAQ
Powered by GitBook
On this page
  • Create a managed application
  • Load the post-deployment script and PowerShell file to Visual Studio Code 
  • Open a terminal window
  • Executing the PowerShell script while bypassing the execution policy
  • Enter your subscription ID
  • Enter your tenant ID
  • Log into Azure through the PowerShell pop-up window
  • Enter your managed resource group name
  • Enter your application name
  • Enter your Azure AD Client ID
  • Enter your service principal application ID
  • Enter your service principal object ID
  • Enter your service principal name
  • Enter your service principal client secret
  • Other details
  • Initial post-deployment steps
  1. Setting up
  2. Deployment

Deploy from Azure Marketplace

PreviousDeploymentNextManual deployment

Last updated 5 months ago

Note: The deployment steps detailed below are intended for Azure Marketplace deployment. The steps for manual/local deployment via Bicep can be found .

Create a managed application

  1. Type "Marketplace" in the search bar and select said option as it appears.

To follow the deployment steps detailed below, you need to access Azure Marketplace using Method 1. The steps below will not align if you use Method 2.

  1. Search for the EmbedFAST and select the application from the search results.

  1. Select a tier from the dropdown menu, then select Create.

  2. Fill the form as detailed below:

  • Project details

    • Subscription: Choose the subscription where you want to keep the managed application.

    • Resource group: Choose the resource group where you want to keep the managed application.

  • Instance details

    • Region: Select a region that has the subscription selected in the previous field.

  • Application details

    • App name: Create and enter a name. Marketplace will validate if this name is available for resources that will be deployed.

    • App service pricing plan: Select an SKU value.

  • SQL details

    • Server admin login: Username for the SQL Server login.

    • Password: A strong password for the SQL Server.

    • Confirm password: Confirm password.

  • Managed Application Details

    • Application Name: Create and enter a name. This will be the name of the managed application where the Azure resources for the tool will reside.

    • Managed Resource Group: This field will be prepopulated when the form is opened. By default, the managed resource group name will be in this format: "mrg-powerbiloadanalyzer-", but you can change it to any name you want.

  1. Click on Next to validate your inputs.

  2. Review the details shown on the Review + create page. Select Create to finalize the process. A managed application will be created under the selected resource group, where all the resources are deployed with one click.

  3. Select the managed application.

  4. Click on the Managed resource group value on right side of the page if you want to go to the managed resource group where all the resources are deployed.

Load the post-deployment script and PowerShell file to Visual Studio Code 

  2. Extract the folder and open it in Visual Studio Code (VS Code). The loaded files should look like this:

Open a terminal window

From the top menu bar, select Terminal -> New Terminal to access the PowerShell terminal window.

Executing the PowerShell script while bypassing the execution policy

This step is required to bypass an execution policy that doesn't allow the ZIP file to work with the PowerShell scripts.

  1. Execute command “powershell -ExecutionPolicy Bypass -File ".\PostDeploytmentScript.ps1"” in the terminal. This command will execute a PowerShell script named "PostDeploytmentScript.ps1" while bypassing the execution policy.

  2. The system will display a variety of prompts. Provide the information as requested. More details regarding the prompts are provided below.

Enter your subscription ID

Follow the steps below to find your subscription ID:

  3. Select the desired resource group from the list where you want to deploy your resources.

  4. Copy the subscription ID as shown below.

  5. In the PowerShell terminal, paste/enter the subscription ID from the previous step.

Enter your tenant ID

Navigate to your Azure Active Directory --> Overview and copy the tenant ID as shown below. Paste/enter the ID into the PowerShell terminal.

Log into Azure through the PowerShell pop-up window

Choose an account to log into Azure with.

Enter your managed resource group name

  2. Find and select the managed application as shown in the image below:

  3. Copy the name of the managed resource group.

  4. Paste/enter the managed resource group name in the PowerShell terminal like the previous steps.

Enter your application name

Enter your Azure AD Client ID

This client ID is obtained from the overview page of the app registration previously created for the EmbedFAST API as part of the pre-deployment steps. Follow the steps below to find your client ID:

  1. Click on Owned applications to see a list of applications you registered, including the ones for the API and Power BI Service done in the pre-deployment steps.

  1. Next to the Display name column is the Application (client) ID column which contains the information needed. Find the application registration created for the EmbedFAST API on the list and note down its client ID.

  2. Alternatively, clicking the app's name takes you to its summary page where you can also find the client ID and copy it directly to your clipboard.

Enter your service principal application ID

This application ID is obtained from the overview page of the app registration previously created for the Power BI Service as part of the pre-deployment steps.

Note:

Enter your service principal object ID

The object ID is obtained from the enterprise application created for the Power BI Service, which is created by default once we create an app registration for it. Follow the steps below to find the ID:

  1. Search for the name of the app registration created for Power BI Service in the search bar. Your enterprise application will be under the same name.

  2. Click on the application's name to access its details page.

  3. Copy the object ID from the Object ID field displayed on the application details page, as shown below.

Enter your service principal name

Enter your service principal client secret

Follow the steps below to create a client secret:

Note: The client secret will only be visible at the time of creation. Take note of it and store it securely for future use for whenever the client secret is required.

  2. Click on Owned applications to see a list of applications you registered. Search for the application created for the Power BI Service on this page.

  3. Click on the application's name to access its details page.

  4. Select Certificates & secrets (under Manage) from the left pane.

  1. Click on New client secret to create a client secret.

  1. Enter a description and select when the secret expires. Click on Add to add the client secret.

  1. Copy the value of the newly created client secret as shown below.

Reminder: Take note of the client secret and store it securely for future use for whenever it is required. The client secret is only visible at the time of creation and will NOT be visible again.

Other details

  • Enter the sender email: Provide an email address. This email will be used for sending subscription emails to other users.

  • Enter the sender email password: Provide the password for the email address provided in the previous step.

Initial post-deployment steps

Entering the email password prompted in the previous step completes the deployment process and prompts a menu to appear:

Enter "1" as your selection. A post-deployment operation will run that will perform the operations detailed below:

  • Add your client IPv4 address to Set Server Firewall.

  • Grant the necessary permissions to the service principal app registration on the Database. It will give admin access on the Database created.

  • Add the Power BI App service principal as an external Azure AD user.

  • Grant permissions to the user.

Note: If an error occurs (e.g., “Client with IP address ‘IP-Address’ is not allowed to access the server”), you have the option to manually include the IP in the server's firewall rules. Follow the steps detailed below to do so:

  2. Find and select the managed application as shown in the image below:

  3. Click on the Managed resource group value on right side of the page, it will take you to the managed resource group where all the resources are deployed. /

  4. Select the SQL server deployed with the application's name.

  5. Select Networking (under Security) from the left pane.

  6. Click on Add a firewall rule.

  7. Enter the IP address that was not allowed to access the server in the Start IP and End IP fields. Select OK to save the changes.

This completes the deployment process.

Warning: Azure Marketplace can be opened in 2 ways: Method 1 - Opening it as shown in step 1, which takes you here:

Method 2 - Opening it (not from the Azure portal), which takes you here:

Download the .

Type “Subscriptions" in the search bar and select said option as it appears.

Once on the page, you will see a list of resource groups displayed. Select the resource group that you have created earlier in the section.

This is the name of the managed resource group in your subscription where EmbedFAST’s resources will be deployed to. The managed resource group is created under the resource group that was created in the prerequisites section. Follow the steps below to find the name of your managed resource group:

Type “Resource groups" in the search bar and select said option as it appears.

Provide the name of your app (as selected in the ).

Type “App registrations" in the search bar and select said option as it appears.

You can follow steps 1-3 to obtain your service principal application ID for the Power BI Service. After step 3, find the application registration created for the Power BI Service on the list and note down its client ID.

Type "Enterprise applications" in the search bar and select said option as it appears.

On the same page where the was obtained from, you can find the name of your service principal at the top left corner of your page.

Type “App registrations" in the search bar and select said option as it appears.

Type “Resource groups" in the search bar and select said option as it appears.

PowerShell files
Azure portal
Azure portal
Azure portal
Azure portal
Azure portal
Azure portal
previous step
detailed above
object ID
here
Azure portal
directly
prerequisites
earlier