Share via

Open PowerBI page from external IdP-initiated SSO

Giacomo Bianco 20 Reputation points
2023-05-24T09:49:05.49+00:00

On my AzureAD tenant I added WSO2 as SAML2 external identity provider. On the same tenant, I created a PowerBI report and I linked it in an internal application we use. In that application the users are logged in with their WSO2 account.

When they click on the report link, they land on the PowerBI signIn page where they must insert the email. Than Microsoft recognizes the federated domain in their email and redirects them to WSO2 login page, where they are already logged in and so they can proceed to the report without inserting the password again.

Is there a way to avoid the PowerBI signIn page so that users are not asked to insert their email again? As you would expect from an IdP-Initiated SSO flow.

Thank you

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator
    2023-05-31T09:16:45.38+00:00

    Hello @Giacomo Bianco , to avoid the PowerBI signIn page so that users are not asked to insert their email again, try passing the userPrincipalName in the the UPN query param of your PowerBI report URL. Eg. https://app.powerbi.com/groups/23b2a7a1-494c-4a96-b1a6-e1a2e17396cb/datasets/6ed3c106-a135-4c66-b93e-f1c6da35800a?experience=power-bi&UPN=******@contoso.com

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.