One Identity open source projects are supported through One Identity GitHub issues and the One Identity Community. This includes all scripts, plugins, SDKs, modules, code snippets or other solutions. For assistance with any One Identity GitHub project, please raise a new Issue on the One Identity GitHub project page. You may also visit the One Identity Community to ask questions. Requests for assistance made through official One Identity Support will be referred back to GitHub and the One Identity Community forums where those requests can benefit all users.
This is a Power BI Custom Connector for One Identity' Identity Manager.
Historically, there has never been a simple, centralized and widely used reporting solution for customers. PowerBI is the first solution to reach into customer organizations, and there is a trend for customers to use PowerBI as their central reporting engine. Even though One Identity Manager is based on a SQL Server database and PowerBI provides a SQL Server data source, with the rise of One Identity Manager OnDemand and more customers using SQL Managed Instance in Azure, SQL is not necessarily a protocol that can be used.
The Power BI connector for One Identity Manager is designed to replace the need for direct SQL access to a One Identity Manager database. Instead, it uses the application server's REST API to connect to a One Identity Manager database. The benefits are:
- using https as a protocol instead of SQL
- by requiring One Identity Manager authentication, the permissions layer in One Identity Manager ensures that users see only the information they are authorized to see
Just one sample demo report by using the Power BI Custom Connector:
- Install Microsoft Visual Studio 2019
- Install the Power Query SDK from the Visual Studio Marketplace
- Clone this project
- Compile the project
- Copy the resulting
IdentityManager.mezfile over to the machine running Microsoft Power BI Desktop - If not already done, create a folder structure as
Power BI Desktop\Custom Connectorsunder your documents directory (C:\Users\<Your-Profile-Name>\Documents\) and place theIdentityManager.mezfile there - Restart Power BI Desktop
Obtain an IdentityManager.mez by building it as described in the Development quickstart or by downloading it from the latest release.
Copy the file to C:\Users\<Your-Profile-Name>\Documents\Power BI Desktop\Custom Connectors.
There is also a second version of the connector called IdentityManagerAzure.mez which supports Azure OAuth 2.0 login. Please read these instructions to use your Azure login instead of the One Identity RSTS server login.
Once the file IdentityManager.mez is in place, you can load the Custom Connector in Power BI Desktop:
Because the Power BI Custom Connector for One Identity Manager is unsigned, you receive an error like this:
When the connector is loaded you have to specify the URL for the Application Server and the URL of the Redistributable Secure Token Server (RSTS):
You will need to log in the first time you try to make a connection:
The Secure Token Server uses OAuth2, so we just log in to a domain:
After successfully authenticating and logging in, we see the following dialog. The Identity Manager Power BI Custom Connector uses OpenAPI to access all Application Server functions that can return data. All of these functions can be used in PowerBI queries:
- This will only work with Identity Manager 8.2 and greater. Any prior release will not work.
- You must allow non-certified custom connectors in Power BI Desktop as shown here
- You need to assign an OAuth 2.0/OpenID connect application to the web application of the application server in the One Identity Manager Designer, as shown here. If you are using the One Identity RSTS server, you must assign the OAuth 2.0/OpenID connect application of the RSTS server to the application server.
- You must activate Role Bases Access Token Auth in the One Identity Manager Designer configuaration parameters, as shown here
- You must assign the feature group
Enables access to the REST API in the application server.to the One Identity Manager person (identity) that is used to log in to the application server in the OAuth2 login process in the Custom Connector.
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are highly appreciated.
- Fork this project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under the One Identity - Open Source License. See LICENSE for more information.
Custom connectors are written using the Power Query M functional formula language. A language reference can be found here https://docs.microsoft.com/en-us/powerquery-m/