This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
On my AzureAD tenant I added WSO2 as SAML2 external identity provider. On the same tenant, I created a PowerBI report and I linked it in an internal application we use. In that application the users are logged in with their WSO2 account.
When they click on the report link, they land on the PowerBI signIn page where they must insert the email. Than Microsoft recognizes the federated domain in their email and redirects them to WSO2 login page, where they are already logged in and so they can proceed to the report without inserting the password again.
Is there a way to avoid the PowerBI signIn page so that users are not asked to insert their email again? As you would expect from an IdP-Initiated SSO flow.
Thank you
Hello @Giacomo Bianco , to avoid the PowerBI signIn page so that users are not asked to insert their email again, try passing the userPrincipalName in the the UPN query param of your PowerBI report URL. Eg. https://app.powerbi.com/groups/23b2a7a1-494c-4a96-b1a6-e1a2e17396cb/datasets/6ed3c106-a135-4c66-b93e-f1c6da35800a?experience=power-bi&UPN=alfredorevilla@contoso.com
Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 69%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
Does the UPN on the URL also work if your PowerbI runs on Contoso.com but the UPN is contoso2.com ? and contoso2.com is a federated domain of contoso.com where the powerbi domain resides?