locked
Creating -body parameters for Invoke-RestMethod / Invoke-PowerBIRestMethod RRS feed

  • Question

  • We have a lot of data sources listed on our Power BI gateway (~200) and an IS enforced policy to change passwords every 45 days. The current process is for someone to go through these data sources and input the new credentials as and when they change, obviously very time consuming. I want to be able to improve the efficiency of this process by creating a PowerShell script.

     

    I'm using the officially supported Power BI PowerShell module but I'm having difficulty building the Windows version of the -Body for the Invoke-PowerBIRestMethod command.

     

    The request body should be as follows;

     

    {
      "credentialDetails": {
        "credentialType": "Windows",
        "credentials": "{\"credentialData\":[{\"name\":\"username\", \"value\":\"contoso\\john\"},{\"name\":\"password\", \"value\":\"*****\"}]}",
        "encryptedConnection": "Encrypted",
        "encryptionAlgorithm": "RSA-OAEP",
        "privacyLevel": "Organizational"
      }
    }

    Its the bit in red I cannot create, I can get;

     

    {
      "credentialDetails": {
        "encryptedConnection": "Encrypted",
        "privacyLevel": "Organizational",
        "credentialType": "Windows",
        "encryptionAlgorithm": "RSA-OAEP",
        "credentials": "???"
      }
    }

    By using the following PowerShell;

    $TEST = 
      [pscustomobject]
        @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = '???';
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        } 
      | ConvertTo-Json

    How do I build in the red text into the PowerShell above, I've tried various things but cannot seem to get the syntax correct.

     

    Thanks

    Monday, July 8, 2019 10:55 AM

Answers

  • Worked with some slight modifications

    $TEST = @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = '{"credentialData":[{"name":"username", "value":"<REDACTED>"},{"name":"password", "value":"<REDACTED>"}]}';
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        }   | ConvertTo-Json

    However the overall REST request did not so looks like a support ticket to MS to resolve. Bonus question, I'd rather not have to hard code the username and password, I have the username and a secure form of the password earlier in the script as variables ($domainUsername, $securePassword), how would I integrate those into the above?

    • Marked as answer by MCarlisle3 Wednesday, July 31, 2019 2:18 PM
    Monday, July 8, 2019 2:09 PM
  • Easiest way to do the same is either by string concatenation or variable substitution:

    $userName = "SomeUser"
    $password = "SomePassword"
    
    $credentials = '{"credentialData":[{"name":' + $userName + ', "value":"<REDACTED>"},{"name":' + $password + ', "value":"<REDACTED>"}]}'
    
    
    $TEST = @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = $credentials;
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        }   | ConvertTo-Json
    
    
    

    It's not recommended to use hardcoded username and password in an api call, try to encode the username and password pair or use the Get-Credential cmdlet available in powershell

    Monday, July 8, 2019 2:50 PM

All replies

  • Try below:
    $TEST = @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = '{\"credentialData\":[{\"name\":\"username\", \"value\":\"contoso\\john\"},{\"name\":\"password\", \"value\":\"*****\"}]}';
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        }   | ConvertTo-Json

    Monday, July 8, 2019 11:10 AM
  • Worked with some slight modifications

    $TEST = @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = '{"credentialData":[{"name":"username", "value":"<REDACTED>"},{"name":"password", "value":"<REDACTED>"}]}';
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        }   | ConvertTo-Json

    However the overall REST request did not so looks like a support ticket to MS to resolve. Bonus question, I'd rather not have to hard code the username and password, I have the username and a secure form of the password earlier in the script as variables ($domainUsername, $securePassword), how would I integrate those into the above?

    • Marked as answer by MCarlisle3 Wednesday, July 31, 2019 2:18 PM
    Monday, July 8, 2019 2:09 PM
  • Easiest way to do the same is either by string concatenation or variable substitution:

    $userName = "SomeUser"
    $password = "SomePassword"
    
    $credentials = '{"credentialData":[{"name":' + $userName + ', "value":"<REDACTED>"},{"name":' + $password + ', "value":"<REDACTED>"}]}'
    
    
    $TEST = @{
          'credentialDetails' = 
            @{
              credentialType = 'Windows'; 
              credentials = $credentials;
              encryptedConnection = 'Encrypted'; 
              encryptionAlgorithm = 'RSA-OAEP'; 
              privacyLevel = "Organizational"
            }
        }   | ConvertTo-Json
    
    
    

    It's not recommended to use hardcoded username and password in an api call, try to encode the username and password pair or use the Get-Credential cmdlet available in powershell

    Monday, July 8, 2019 2:50 PM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Wednesday, July 31, 2019 8:27 AM