Create an app registration for the LoadFAST API

Follow the steps below to create and configure an app registration for the LoadFAST API. This is needed for authentication/authorization purposes.

Create an app registration

To create an app registration, you must have one of the following Microsoft Entra roles:

  • Global Administrator

  • Cloud Application Administrator

Note: A Global Administrator is typically the person who signs up for the Microsoft Entra ID tenant. View the guide on assigning Microsoft Entra roles to users for more information.

  1. Log into the Azure portal.

  2. Type “Microsoft Entra ID" in the search bar and select said option as it appears.

  3. Select App registrations (under Manage) from the left pane and click on New registration. This will take you to the Register an application page.

  4. Enter an application name in the Name section. We have named it PowerBILoadAnalyzer, and will refer to it as such throughout the documentation.

  5. Under the Supported account types section, select:

    • Accounts in any organizational directory (------ only - Single tenant) option (in our example, the "------" is MAQ Software, but this blank should have the name of your tenant instead).

  6. Click on Register to create the application.

  7. After the app registration is created, you will see a summary page listing the details of your application.

**Note:** Note down the display name, application (client) ID, and directory (tenant) ID. These details will be required as part of the set up process.

Add Microsoft Graph API permissions

  1. Select API permissions from the left pane of the app registrations overview page.\

  2. Click on Add a permission on the API Permissions page.

  3. A menu titled Request API permissions will appear on the right side.

  4. Click on Microsoft Graph.\

  5. Click on Delegated permissions.

  6. Scroll to the bottom to the User section and expand the drop-down menu.

  7. Select the User.Read and the User.ReadBasic.All permissions shown below:

  8. Click on Add permissions to confirm the changes.

Add Power BI Service permissions

  1. Click on Add a permission on the API Permissions page to open the Request API Permissions menu.

  2. Select Power BI Service. You may need to scroll down on the menu to view this option.

  3. Click on Delegated permissions.

  4. Scroll to the Dataset, Report, and Workspace section and expand their drop-down menus.

  5. Select the permissions detailed below:

    • Dataset -> Dataset.Read.All

    • Report -> Report.Read.All

    • Workspace -> Workspace.Read.All

  6. Click on Add permissions to confirm the changes.

Create a client secret

Create a client secret for the app registration created earlier by following the steps detailed below:

  1. Type “App registrations" in the Azure portal search bar and select said option as it appears.

  2. Click on Owned applications to see a list of applications you registered. Search for the application you created earlier.

  3. Click on the application's name to access its details page.

  4. Select Certificates & secrets (under Manage) from the left pane.

  1. Click on New client secret to create a client secret.

  1. Enter a description and select when the secret expires. Click on Add to add the client secret.

  1. Copy the value of the newly created client secret as shown below. This value is required to deploy the tool.

Create an app role

  1. Select App roles from the left pane of the app registrations overview page.

  2. Click on Create app role.\

  3. Populate the fields and options as shown below and click on Apply. \

Field

Input parameter

Display name

Admin

Allowed member types

Users/Groups

Value

PBILoad.Admin

Description

Admins will have the capability to access admin features inside the tool.

Last updated