Power BI XMLA Connection

See the Connector Marketplace topic. Please request your administrator to start a trial or subscribe to the Premium Power BI XMLA connector.

Power BI XMLA enhances the Power BI experience by providing XMLA (XML for Analysis) connectivity, enabling advanced data modeling and analytics.

This topic describes how to authenticate to Power BI XMLA and configure any necessary connection properties in the Power BI XMLA connection connector.

Connection Configuration

Each connection property available in the Power BI XMLA connector is explained below.


Connection Name

The name of the connection to be created should be provided. This is the name that will display on the list of available connections.


Auth Scheme

The type of authentication to use when connecting to Microsoft Power BI XMLA.

Possible Values:

  • AzureAD: Set this to perform Azure Active Directory OAuth authentication.

  • AzureServicePrincipal: Set this to authenticate as an Azure Service Principal using client credentials.

  • AzureServicePrincipalCert: Set this to authenticate as an Azure Service Principal using a certificate.


If Auth Scheme is AzureAD or AzureServicePrincipal

Client ID

The client Id assigned when you register your application with an OAuth authorization server.

Client Secret

The client secret assigned when you register your application with an OAuth authorization server.

Refresh Token

The OAuth refresh token for the corresponding OAuth access token.


If Auth Scheme is AzureServicePrincipalCert

OAuth JWT Cert

The name of the certificate store for the client certificate.

OAuthJWTCert is used in conjunction with the OAuthJWTCertSubject field in order to specify client certificates. If OAuthJWTCert has a value, and OAuthJWTCertSubject is set, a search for a certificate is initiated.

OAuthJWT Certificate Type

The type of key store containing the JWT Certificate.

This property can take one of the following values:

  • PFX: The certificate store is the name of a PFX (PKCS12) file containing certificates.

  • PFXBLOB: The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format.

  • JKSFILE: The certificate store is the name of a Java key store (JKS) file containing certificates. Note: this store type is only available in Java.

  • JKSBLOB: The certificate store is a string (base-64-encoded) representing a certificate store in Java key store (JKS) format. Note: this store type is only available in Java.

  • PEMKEY_FILE: The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.

  • PEMKEY_BLOB: The certificate store is a string (base64-encoded) that contains a private key and an optional certificate.

  • PUBLIC_KEY_FILE: The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.

  • PUBLIC_KEY_BLOB: The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate.

  • SSHPUBLIC_KEY_FILE: The certificate store is the name of a file that contains an SSH-style public key.

  • SSHPUBLIC_KEY_BLOB: The certificate store is a string (base-64-encoded) that contains an SSH-style public key.

  • P7BFILE: The certificate store is the name of a PKCS7 file containing certificates.

  • PPKFILE: The certificate store is the name of a file that contains a PPK (PuTTY Private Key).

  • XMLFILE: The certificate store is the name of a file that contains a certificate in XML format.

  • XMLBLOB: The certificate store is a string that contains a certificate in XML format.


OAuthJWT Certificate Password

If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.


OAuthJWT Certificate Subject

The subject of the OAuth JWT certificate.

When loading a certificate the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value “*” picks the first certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance “CN=www.server.com, OU=test, C=US, E=support@gathr.one”.

Common fields and their meanings are displayed below:

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.


Upload OAuthJWTCert File

Option to upload the OAuth JWT certificate file.


Azure Tenant

The Microsoft Online tenant being used to access data. If not specified, your default tenant is used.

For instance, contoso.onmicrosoft.com. Alternatively, specify the tenant Id. This value is the directory Id in the Azure Portal > Azure Active Directory > Properties.


Azure Environment

The Azure Environment to use when establishing a connection.

Possible Values:

  • GLOBAL

  • CHINA

  • USGOVT

  • USGOVTDO


Enable SSL

Option to enable SSL. This field sets whether the connector will attempt to negotiate TLS/SSL connections to the server. By default, the connector checks the server’s certificate against the system’s trusted certificate store.

SSL Client Certificate

The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).

The name of the certificate store for the client certificate.

If the store is password protected, specify the password in the SSL Client Cert Password field.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

Certificate DesignationDescription
MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.
SPCSoftware publisher certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file.

When the type is PFXBlob, the property must be set to the binary contents of a PFX file (for example, PKCS12 certificate store).


SSL Client Cert Type

The type of key store containing the TLS/SSL client certificate.

This property can be set to one of the following values:

Property ValueDescription
USER - defaultFor Windows, this specifies that the certificate store is a certificate store owned by the current user. Note that this store type is not available in Java.
MACHINEFor Windows, this specifies that the certificate store is a machine store. Note that this store type is not available in Java.
PFXFILEThe certificate store is the name of a PFX (PKCS12) file containing certificates.
PFXBLOBThe certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format.
JKSFILEThe certificate store is the name of a Java key store (JKS) file containing certificates. Note that this store type is only available in Java.
JKSBLOBThe certificate store is a string (base-64-encoded) representing a certificate store in JKS format. Note that this store type is only available in Java.
PEMKEY_FILEThe certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
PEMKEY_BLOBThe certificate store is a string (base64-encoded) that contains a private key and an optional certificate.
PUBLIC_KEY_FILEThe certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
PUBLIC_KEY_BLOBThe certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate.
SSHPUBLIC_KEY_FILEThe certificate store is the name of a file that contains an SSH-style public key.
SSHPUBLIC_KEY_BLOBThe certificate store is a string (base-64-encoded) that contains an SSH-style public key.
P7BFILEThe certificate store is the name of a PKCS7 file containing certificates.
PPKFILEThe certificate store is the name of a file that contains a PuTTY Private Key (PPK).
XMLFILEThe certificate store is the name of a file that contains a certificate in XML format.
XMLBLOBThe certificate store is a string that contains a certificate in XML format.

SSL Client Cert Password

If the certificate store is of a type that requires a password, this property is used to specify that password to open the certificate store.


SSL Client Cert Subject

The subject of the TLS/SSL client certificate.

When loading a certificate the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property. If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value “*” picks the first certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For example, “CN=www.server.com, OU=test, C=US, E=support@company.com”.

The common fields and their meanings are shown below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

Upload Keystore File

If SSL is enabled, a keystore file has to be uploaded using this option.


Advanced Configurations

This section contains advanced configuration parameters.

Use MDX

Set this to true to pass MDX queries to Microsoft Power BI XMLA as-is.


Show Hidden Entities

Set this to true to include hidden dimensions, measures and levels.


Custom Headers

Other headers as determined by the user (optional).

The headers must be of the format “header: value” as described in the HTTP specifications. Header lines should be separated by the carriage return and line feed (CRLF) characters.

Use this property with caution. If this property contains invalid headers, HTTP requests may fail.


Connection LifeTime

The maximum lifetime of a connection in seconds. Once the time has elapsed, the connection object is disposed.

The default is 0 which indicates there is no limit to the connection lifetime.


Workspace

The comma separated PowerBI workspace(s) to connect to.

If not specified, objects from all workspaces will be available. This will cause extra requests to be executed to list objects from all workspaces.

Note: The workspace names are case-sensitive.


Extra Properties

Additional properties to submit on each MDX request to Microsoft Power BI XMLA.

Use name=value pairs separated by a semicolon to submit the properties. For example, Catalog=MyCatalog;Cube=MyCube;.

A list of properties may be found by executing SELECT * FROM $System.DISCOVER_PROPERTIES.


Add Configuration: Additional properties can be added using this option as key-value pairs.


After entering all the details, click on the TEST button.

If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated.

Click on the CREATE button to save the changes.

If the details are incorrect or the server is down, you will get a message “Connection unavailable”.

Top