How to Register Power BI App in Azure

Ready to unlock the full potential of your Power BI data by embedding reports or automating tasks with the API?

Graphed

Build AI Agents for Marketing

Build virtual employees that run your go to market. Connect your data sources, deploy autonomous agents, and grow your company.

Build Your First Agent

Before you can do any of that, you need to register an application within Azure Active Directory (Azure AD). This process creates a secure identity for your application to authenticate and access Power BI services. This article provides a clear, step-by-step walkthrough of how to register your app, grant it the necessary permissions, and get it ready for action.

Why Do You Even Need to Register a Power BI App in Azure?

Registering an application in Azure AD might seem like an overly technical first step, but it’s the foundation for security and control. Think of it like a digital ID card for your software. It tells Microsoft’s services, including Power BI, exactly which application is making a request and what it is - and isn't - allowed to do. This process is essential for two primary use cases:

• Embedding Power BI Content: If you want to embed a Power BI report, dashboard, or tile into your own custom web application for your customers or colleagues (the "embed for your customers" and "embed for your organization" scenarios), your app needs this registered identity to securely load that content.
• Using the Power BI REST API: To automate Power BI tasks - like refreshing a dataset, managing workspaces, or cloning reports programmatically - your scripts or backend services need a way to authenticate against the API. The registered app credential, known as a service principal, allows this server-to-server communication without requiring a person to log in each time.

In short, app registration is the gateway to moving beyond the Power BI web interface and integrating its powerful analytics capabilities directly into your own custom solutions and workflows.

What You’ll Need Before You Start

To ensure a smooth process, make sure you have the following ready before you begin:

• An Azure Account: You need an Azure account with an active subscription.
• An Azure AD Tenant: You must have an Azure Active Directory tenant set up. If you have an Office 365 or Microsoft 365 subscription, you already have one.
• Admin Permissions: To register an application and grant consent, you need to be an Azure AD administrator (such as a Global Administrator or Application Administrator) or have been granted permissions by an admin to register applications.
• A Power BI Account: You’ll need at least a Power BI Pro or a Premium Per User (PPU) license to work with the APIs and embedding features discussed.

Step-by-Step Guide: How to Register Your App in Azure AD

With the prerequisites out of the way, it’s time to create the app registration.

AI Agents for Marketing

Crash Course

Graphed

Free PDF · the crash course

AI Agents for Marketing Crash Course

Learn how to deploy AI marketing agents across your go-to-market — the best tools, prompts, and workflows to turn your data into autonomous execution without writing code.

Download the PDF

Step 1: Sign in to the Azure Portal and Navigate to App Registrations

First things first, log in to the Azure Portal. Once you’re in, use the search bar at the top to find Azure Active Directory and click on it.

Inside the Azure AD blade, look for the App registrations service in the left-hand navigation pane and select it. This will take you to the main dashboard for managing all applications within your directory.

Step 2: Create a New App Registration

At the top of the App registrations page, click the + New registration button. This opens the registration form where you'll define the basic details of your app.

Step 3: Configure Your Application Details

Now, you’ll need to fill out a few key fields. Don’t worry, these can all be changed later if needed.

• Name: Give your application a descriptive name that you and your team will easily recognize. For example, "Sales App Power BI Embed" or "Marketing BI Service."
• Supported account types: This determines who can use this application. For most Power BI embedding and automation scenarios, you'll choose the top option: Accounts in this organizational directory only (Single tenant). This restricts access to users within your organization's Azure AD tenant.
• Redirect URI (optional): This is the location where the authentication service sends users after they’ve been authenticated. Even if your app doesn't need it (like for a backend service), it's good practice to add one. For a web app, it would be your app's URL. For testing, you can simply choose Web from the dropdown and enter a placeholder like http://localhost/redirect.

Once you’ve filled this out, click the blue Register button at the bottom.

Step 4: Copy Your Application (Client) ID and Tenant ID

Congratulations, your application is now registered! Azure will redirect you to your app's main page. On the Overview screen, you'll find a few critical identifiers. The two most important ones are:

• Application (client) ID: This is the unique public identifier for your app. Think of it as its username.
• Directory (tenant) ID: This uniquely identifies your instance of Azure AD.

Copy both of these values and store them somewhere safe, like a password manager. You'll need them to configure your application's code later on.

Step 5: Create a Client Secret

The client ID is public, but to prove its identity, your app also needs a password. In Azure AD, this is called a client secret. To create one:

1. In your app registration's left navigation menu, click on Certificates & secrets.
2. Under the Client secrets tab, click on + New client secret.
3. Give the secret a description (e.g., "PrimaryAppSecret") and select an expiration time. Picking a longer duration is fine for development but for production, you should implement a secret rotation policy.
4. Click Add.

This is extremely important: Azure will now display the secret's Value. Copy this value immediately. Once you navigate away from this page, you will never be able to see it again. Store it securely with your Client ID and Tenant ID. If you lose it, you'll have to create a new one.

Graphed

Build AI Agents for Marketing

Build virtual employees that run your go to market. Connect your data sources, deploy autonomous agents, and grow your company.

Build Your First Agent

Next Up: Granting API Permissions for Power BI

You’ve successfully created an ID card and a password for your app. Now you need to grant that ID card access to the 'building' which, in this case, is the metaphorical Power BI Service.

Step 1: Navigate to API Permissions

In your app registration's navigation menu, click on API permissions. By default, your app will have one permission: User.Read for Microsoft Graph. This is standard and you can leave it there. We need to add permissions for Power BI.

Step 2: Add Power BI Service APIs

Click the + Add a permission button. On the "Request API permissions" pane that appears, choose Power BI Service from the list of Microsoft APIs.

Step 3: What Kind of Permissions Do You Need? Delegated vs. Application

This is a crucial decision point based on your objective.

• Delegated permissions: Use this when a signed-in user is present. Your app will act on behalf of the user. For example, when embedding reports for users in your organization, the app will show them the content they personally have permission to see in Power BI.
• Application permissions: Use this when your app runs as a backend service or daemon with no user signed in. Your app acts as itself. This is used for "embed for your customers" scenarios (app-owns-data) or server-side automation scripts, where the application has its own permissions independent of any user.

Once you’ve selected them, check the boxes next to the permissions your application requires. Start with the minimum required permissions to follow the principle of least privilege.

Once you’ve selected them, click Add permissions.

Step 4: Grant Admin Consent

The permissions you've added are now listed, but they likely have a "Not granted for..." status warning. For these permissions to be active, they need consent from a tenant administrator. On the API permissions screen, click the button that says Grant admin consent for [Your Organization Name]. A popup will ask you to confirm - click Yes. The statuses should now update to a green checkmark, indicating that consent has been granted. Your app is now legally allowed to use those permissions.

AI Agents for Marketing

Crash Course

Graphed

Free PDF · the crash course

AI Agents for Marketing Crash Course

Learn how to deploy AI marketing agents across your go-to-market — the best tools, prompts, and workflows to turn your data into autonomous execution without writing code.

Download the PDF

Final Step: Enable Service Principal Access in Power BI

One final, crucial step often gets overlooked. You've given your Azure app permission for Power BI, but you also need to tell your Power BI instance to trust apps (or "service principals") that have these permissions.

1. Sign in to your Power BI account as an admin.
2. Go to the Settings gear icon -> Admin portal.
3. Click on Tenant settings and scroll down to the "Developer settings" section.
4. Expand the setting named Allow service principals to use Power BI APIs.
5. Enable it. For better security, instead of applying it to the "Entire organization," you can apply it to "Specific security groups" and add your newly created service principal to that group in Azure AD.

Click Apply and you're all set. Your application is now fully registered, configured, and trusted by Power BI. You can start using its credentials in your code to embed reports or make API calls.

Final Thoughts

This tutorial covered the end-to-end process of registering an application in Azure Active Directory so it can securely interact with Power BI. You’ve created an app identity, generated credentials, and configured the precise API permissions needed to integrate Power BI into your custom apps and automated workflows.

While mastering these configurations is great for building custom software, sometimes you just need to connect all your marketing and sales data sources for quick, clear insights without this level of setup. Instead of navigating APIs and app registrations, we created Graphed to connect your data in one click and let you build real-time dashboards using simple, natural language. For those times when the goal is a fast answer to questions like "Which Facebook campaigns are driving the most Shopify sales?" a more direct approach gets you the insights you need instantly!