> For the complete documentation index, see [llms.txt](https://maqsoftware.gitbook.io/loadfast-technical-documentation/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://maqsoftware.gitbook.io/loadfast-technical-documentation/setting-up/prepare/pre-deployment/create-an-app-registration-for-the-loadfast-api.md). # Create an app registration for the LoadFAST API ## Create an app registration To create an app registration, you must have one of the following Microsoft Entra roles: * Global Administrator * Cloud Application Administrator {% hint style="info" %} **Note:** A Global Administrator is typically the person who signs up for the Microsoft Entra ID tenant. View the guide on [assigning Microsoft Entra roles to users](https://learn.microsoft.com/en-us/azure/active-directory/roles/manage-roles-portal) for more information. {% endhint %} 1. Log into the [Azure portal](https://portal.azure.com). 2. Type “**Microsoft Entra ID**" in the search bar and select said option as it appears.

3. Select **App registrations** (under Manage) from the left pane and click on **New registration**. This will take you to the **Register an application** page.

4. Enter an application name in the **Name** section. We have named it PowerBILoadAnalyzer, and will refer to it as such throughout the documentation. 5. Under the **Supported account types** section, select: * **Accounts in any organizational directory (------ only - Single tenant)** option (in our example, the "**------**" is MAQ Software, but this blank should have the name of your tenant instead). 6. Click on **Register** to create the application. 7. After the app registration is created, you will see a summary page listing the details of your application. {% hint style="info" %} **Note:** Note down the display name, application (client) ID, and directory (tenant) ID. These details will be required as part of the set up process. {% endhint %}

## Add Microsoft Graph API permissions 1. Select **API permissions** from the left pane of the app registrations overview page.

2. Click on **Add a permission** on the API Permissions page. 3. A menu titled **Request API permissions** will appear on the right side.

4. Click on **Microsoft Graph**.

5. Click on **Delegated permissions**.

6. Scroll to the bottom to the **User** section and expand the drop-down menu. 7. Select the **User.Read** and the **User.ReadBasic.All** permissions shown below:

8. Click on **Add permissions** to confirm the changes. ## Add Power BI Service permissions 1. Click on **Add a permission** on the API Permissions page to open the Request API Permissions menu.

2. Select **Power BI Service**. You may need to scroll down on the menu to view this option.

3. Click on **Delegated permissions**.

4. Scroll to the **Dataset**, **Report**, and **Workspace** section and expand their drop-down menus. 5. Select the permissions detailed below:

* Dataset -> Dataset.Read.All * Report -> Report.Read.All * Workspace -> Workspace.Read.All 6. Click on **Add permissions** to confirm the changes. ## Create a client secret Create a client secret for the app registration created [earlier](https://maqsoftware.gitbook.io/pbi-load-analyzer-technical-documentation/setting-up/pre-deployment/create-an-app-registration-for-the-loadfast-api#create-an-app-registration) by following the steps detailed below: {% hint style="danger" %} **Note: The client secret will only be visible at the time of creation.** Take note of it and store it securely for future use for whenever the client secret is required. {% endhint %} 1. Type “**App registrations**" in the [Azure portal](https://portal.azure.com) search bar and select said option as it appears.

2. Click on **Owned applications** to see a list of applications you registered. Search for the application you created [earlier](https://maqsoftware.gitbook.io/pbi-load-analyzer-technical-documentation/setting-up/pre-deployment/create-an-app-registration-for-the-loadfast-api#create-an-app-registration).

3. Click on the application's name to access its details page. 4. Select **Certificates & secrets** (under Manage) from the left pane.

5. Click on **New client secret** to create a client secret.

6. Enter a description and select when the secret expires. Click on **Add** to add the client secret.

7. Copy the value of the newly created client secret as shown below. **This value is required to deploy the tool.**

{% hint style="danger" %} **Reminder:** Take note of the client secret and store it securely for deployment and future use for whenever it is required. The client secret is only visible at the time of creation and will **NOT** be visible again. If the secret is lost another one will have to be created. {% endhint %} ## Create an app role 1. Select **App roles** from the left pane of the app registrations overview page.

2. Click on **Create app role**.

3. Populate the fields and options as shown below and click on **Apply**.

| **Field** | **Input parameter** | | -------------------- | ------------------------------------------------------------------------- | | Display name | Admin | | Allowed member types | Users/Groups | | Value | PBILoad.Admin | | Description | Admins will have the capability to access admin features inside the tool. | {% hint style="warning" %} **Note:** Ensure the value field is filled exactly as "**PBILoad.Admin**". The admin feature of the tool will not work otherwise as the tool's code checks specifically for the "PBILoad.Admin" value. Without it, the user is unable to access the admin view of the tool. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://maqsoftware.gitbook.io/loadfast-technical-documentation/setting-up/prepare/pre-deployment/create-an-app-registration-for-the-loadfast-api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.