Integrate Power BI 编辑

Integrate with Power BI to track important reports and dashboards in Citrix Workspace.

Use the following process to enable the Power BI Integration. Ensure you meet the prerequisites and provide connection details. After you complete this process, your existing level of audit logging persists, including any actions carried out by the use of Citrix Microapps.

For a comprehensive list of out-of-the-box Power BI microapps, see Use Power BI microapps.

Review prerequisites

You must have a Power BI service account. For more information, go to https://powerbi.microsoft.com/en-us/landing/signin/. For any report to be shared through Citrix Microapps, the report must be shared with the Power BI service account.

Depending on your set-up, potentially two accounts are needed:

• An account that has permissions to create an app registration in Azure AD. This account might be problematic depending on which subscription/tenant it associates with first.
• A service account that is used to authenticate the integration.

These prerequisites assume you administer the Power BI instance of your organization to set up the integration. The service account must have the following API Permissions assigned with Type: Delegated:

After you set up this integration in Power BI, you will need these artifacts to add the integration in Citrix Workspace Microapps:

• Client ID
• Client Secret
• OAuth Authorization

Register your application

Navigate to https://dev.powerbi.com/apps, and register your application with Azure AD to allow your application to access the Power BI REST APIs and to set resource permissions for your application. Through this registration process, you create your Client ID and Client Secret.

The first callback that is listed does not change. The second callback depends on the target application, and can be found in your URL address bar when creating the integration. The section {yourmicroappserverurl} is composed of a tenant part, a region part, and an environment part: https://{tenantID}.{region(us/eu/ap-s)}.iws.cloud.com.

You can only register one URL in the first field. Enter one URL in the Server-side web application registration page. Then go to Azure AD App Registration to add the second URL.

1. Enter a name for your application.
2. Select Server-side web application.
3. Enter your application’s Home Page URL. This value must be the URL of the Citrix cloud tenant (the Microapps server URL). For example, https://<customer_id>.us.iws.cloud.com. You can find this Microapps server URL in the URL bar when logged in to Citrix Microapps.

4. Enter one of the following Redirect URLs: https://{yourmicroappserverurl}/app/api/auth/serviceAction/callback https://{yourmicroappserverurl}/admin/api/gwsc/auth/serverContext

   Note:

   Two URLs are not permitted in this field. Go to Azure AD App Registration to add the second URL.

5. Select all read only APIs check boxes.
6. Select Register.

7. Navigate to Azure App Registrations > Authentication and enter the second callback URL.

   

Add the integration to Citrix Workspace Microapps

Add the Power BI integration to Citrix Workspace Microapps to connect to your application. This delivers out-of-the-box microapps with pre-configured notifications and actions which are ready to use within your Workspace.

Follow these steps:

1. From the Microapp Integrations page, select Add New Integration, and Add a new integration from Citrix-provided templates.
2. Choose the Power BI tile.
3. Enter an Integration name for the integration.
4. Enter Connector parameters.
   • Enter the instance Base URL: https://api.powerbi.com/v1.0/myorg
   • Select an Icon for the integration from the Icon Library, or leave this as the default ServiceNow icon.
   • Enable the On-premises instance toggle if you are creating an on-premises connection. For more information, see On-premises instance.

5. Under Service authentication, select OAuth 2.0 from the Authentication method menu and complete the authentication details. The authentication options are preselected. Ensure that these options are selected as you complete the process. Use the OAuth 2.0 security protocol to generate request/authorization tokens for delegated access. It is recommended that you always use OAuth 2.0 as your service authentication method where available. OAuth 2.0 ensures that your integration meets the maximum security compliance with your configured microapp.

   1. Select Authorization code from the Grant type menu. This grants a temporary code that the client exchanges for an access token. The code is obtained from the authorization server where you can see the information the client is requesting. Only this grant type enables secure user impersonation. This displays the Callback URL, which you use when registering your application.
   2. Select Request body from the Token authorization menu.
   3. The Authorization URL is prefilled: https://login.microsoftonline.com/{tenantID}/oauth2/authorize
   4. The Token URL is prefilled: https://login.microsoftonline.com/{tenantID}/oauth2/token
   5. Ensure the following is entered for Scope: Tenant.Read.All
   6. Enter your Client ID. The client ID is the string representing client registration information unique to the authorization server. You collect this and the secret when you configured the OAuth server. You need to add the Callback URL you see on the integration configuration page.
   7. Enter your Client secret. The client secret is a unique string issued when setting up the target application integration.
   8. Under Access token parameters, ensure that the following is entered for Name: resource, and for Value: https://analysis.windows.net/powerbi/api.

6. Under Service Action Authentication, enable the Use Separate User Authentication in Actions toggle. Service action authentication authenticates at the service action level. The authentication options are preselected. Ensure that these options are selected as you complete the process.

   1. Select OAuth 2.0 from the Authentication method menu and complete the authentication details.
   2. Select Authorization code from the Grant type menu. This grants a temporary code that the client exchanges for an access token. The code is obtained from the authorization server where you can see the information the client is requesting. Only this grant type enables secure user impersonation. This will display the Callback URL, which you use when registering your application.
   3. Select Request body from the Token authorization menu.
   4. The Authorization URL is prefilled: https://login.microsoftonline.com/{tenantID}/oauth2/authorize
   5. The Token URL is prefilled: https://login.microsoftonline.com/{tenantID}/oauth2/token
   6. Ensure the following is entered for Scope: Tenant.Read.All
   7. Enter your Client ID. The client ID is the string representing client registration information unique to the authorization server. You collect this and the secret when you configured the OAuth client. You need to add the Callback URL you see on the integration configuration page.
   8. Enter your Client secret. The client secret is a unique string issued when setting up the target application integration.
   9. Under Access token parameters, ensure that the following is entered for Name: resource, and for Value: https://analysis.windows.net/powerbi/api.
7. (Optional) If you want to activate rate limiting for this integration, enable the Request rate limiting toggle and set the Number of requests per Time interval.

8. (Optional) Enable Logging toggle to keep 24 hours of logging for support purposes.

   

9. Select Save to proceed.
10. Under OAuth Authorization, select Authorize to log in with your service account. A pop-up appears with a Power BI login screen.
    1. Enter your Service Account user name and password and select Log in.
    2. Select Accept.

The Microapp Integrations page opens with your added integration and its microapps. From here you can add another integration, continue setting up your out-of-the-box microapps, or create a new microapp for this integration.

You are now ready to set and run your first data synchronization. For complete information about synchronization rules, synchronization that does not meet its schedule and veto rules, see Synchronize data.

For more details of API endpoints and table entities, see Power BI connector specifications.

Use Power BI microapps

Existing Web/SaaS integrations come with out-of-the-box microapps. Start with these microapps and customize them for your needs.

Our Power BI integration template comes with the following preconfigured out-of-the-box microapps:

Dashboards: View details of Power BI dashboards. The list of dashboards is personalized, so you only see the dashboards that are part of your Citrix Workspaces in Power BI.

Reports: View details of Power BI reports. The lists of reports is personalized, so you only see the reports that are part of your Citrix Workspaces in Power BI.