Open PowerBI page from external IdP-initiated SSO

Giacomo Bianco 20 Reputation points
2023-05-24T09:49:05.49+00:00

On my AzureAD tenant I added WSO2 as SAML2 external identity provider. On the same tenant, I created a PowerBI report and I linked it in an internal application we use. In that application the users are logged in with their WSO2 account.

When they click on the report link, they land on the PowerBI signIn page where they must insert the email. Than Microsoft recognizes the federated domain in their email and redirects them to WSO2 login page, where they are already logged in and so they can proceed to the report without inserting the password again.

Is there a way to avoid the PowerBI signIn page so that users are not asked to insert their email again? As you would expect from an IdP-Initiated SSO flow.

Thank you

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,759 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. 2023-05-31T09:16:45.38+00:00

    Hello @Giacomo Bianco , to avoid the PowerBI signIn page so that users are not asked to insert their email again, try passing the userPrincipalName in the the UPN query param of your PowerBI report URL. Eg. https://app.powerbi.com/groups/23b2a7a1-494c-4a96-b1a6-e1a2e17396cb/datasets/6ed3c106-a135-4c66-b93e-f1c6da35800a?experience=power-bi&UPN=alfredorevilla@contoso.com

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.