ProEmbedded Documentation

Complete guide for the ProEmbedded Portal - Power BI Embedded Analytics Platform

Last synchronized: January 20, 2026 at 11:51

Documentation

Service Principal Entra Security Group Use Custom Domain Fabric Admin Settings Capacity Settings Workspace Configuration Update Client Secret Azure Budget & Cost Control

Fabric / Embedded Capacity

Power BI Capacity Power BI Capacity Monitoring

Azure Resources

App Service SQL Server & DB Storage Account

ProEmbedded Portal

Pages/Roles/Users Fabric/Embedded Capacity Full Screen View As Role Text in Browser Tab Adding Hyperlinks Adding PDFs Export to PDF/PowerPoint/PNG Paginated Reports Synchronization Third-Party Services Google Auth Menu Configuration

Support & Troubleshooting

Issues during the Installation Microsoft Login Issues

Welcome to ProEmbedded Documentation

Browse our comprehensive documentation to learn everything about the ProEmbedded Portal.

Tip: Use the sidebar to navigate through different sections, or click on a category below to get started.

Documentation Categories

Installation

Complete guide to installing and configuring ProEmbedded in your environment.

8 articles

Fabric / Embedded Capacity

Learn how to work with Microsoft Fabric and Power BI Embedded Capacity.

2 articles

Azure Resources

Information about Azure resources used by the ProEmbedded Portal.

3 articles

ProEmbedded Portal

Learn how to use and configure features in the ProEmbedded Portal.

13 articles

Support & Troubleshooting

Help and troubleshooting guides for common issues.

2 articles

Service Principal

What is a Service Principal and why do we need one?

The Service Principal is the technical user that will be used to access the Power BI Reports. It is the user that has access to the Power BI Workspaces that will be shown in the ProEmbedded Portal.

How to create a Service Principal

Log in to Microsoft Entra and register a new application
Make the selections as shown on the screenshot below. Note that you can pick the name you like for the Service principal.

Redirect URI

The URI to be used was sent to you via email. Please make sure to use the exact URI from our email to make the ProEmbedded Portal work. Later on in the process, you can also connect the ProEmbedded Portal to a custom domain.
Copy the Application (client) ID and save it somewhere, you will need it later in the installation process.
Navigate to "Certificates & secret" and create a new client secret.
Add a description for the client secret. You can use the one from the screenshot or input your own description. Decide when the client secret should expire.

Expiry of Client Secret

When there is no valid client secret assigned to the Service Principal, users will not be able to see any reports in the ProEmbedded Portal. Therefore, it can be a good idea to set the expiry date at the maximum. We also have an article that shows how to create a new client secret and add it to the ProEmbedded Portal.
Copy the Secret Value. You will have to add it to the ProEmbedded Portal

Security

The Secret Value is only shown when a new Client Secret is generated. You will not be able to show it again after that. In case you were a bit too quick and don't see the Client Secret, simply create a new one according to the steps above.
Navigate to "API permissions" and select "Add a permission" to enable the ProEmbedded Portal to send emails.
Select "Microsoft Graph".
Select "Application permissions".
Search for and select "mail.send" and "add permissions".
Add another permission. This time, select "Power BI Service".
Select "Delegates permissions".
Search for and select "Dataset.Read.All"
Search for and select "PaginatedReports.Read.All" and "add permissions".
Double check to see if you have added the correct permissions and give admin consent to activate the new setting.
Once done with this, the Client (App) ID and Client Secret need to be added to the ProEmbedded Portal as shown here.

Entra Security Group

To be able to give access to the previously created Service Principal, it first has to be added to an Entra Security Group.

How to create an Entra Security Group and add the Service Principal to it

Log in to Microsoft Entra and create a new Group
Make the selections as shown on the screenshot below. Note that you can pick the name you like for the Security Group.

Name of user

Note that your Service Principal might have a different name than the one you see in the screenshot. Search for and add the Service Principal you created in this step of the installation.
Verify that the newly created Security Group shows 1 member. Then confirm and move on to the next step of the installation.

Use Custom Domain

Connecting the ProEmbedded Portal to a Custom Domain

When you first install the ProEmbedded Portal, a domain like https://yourname.azurewebsite.net is automatically assigned. it's very likely, that you prefer to use a Custom Domain such as https://portal.yourname.com or similar. To do this, you can configure a Custom Domain in the Azure Portal and add some DNS records to your website hosting provider. To enhance security, it's recommended to also set up an SSL certificate, which will enable HTTPS for your site instead of HTTP.

Important to know

To use a Custom Domain/url for the ProEmbedded Portal, some DNS records need to be configured. Usually, this is done by a website/server admin. The process is different, depending on where your website is hosted. You can find more information in the Microsoft documentation. Your website admin should know how to do this.

How to configure a Custom Domain

Before you start, reach out to your contact person at ProEmbedded or via our contact page. This is important because without a bit of manual work on our side, your custom domain won’t work. When reaching out, please let us know the custom domain you are planning to use and when you would like to get started with it.
Log in to the Azure Portal and find the Web App that is used for the ProEmbedded Portal. You have selected this name during installation. It can be found in the Resource Group that was created when you first installed the ProEmbedded Portal.
The next steps depend on your setup. Your website admin should be able to help you with this. Please refer to the Microsoft documentation for details.
The Custom Domain defined in the step before must now be added to the Redirect URI of the Service Principal. Log in to Microsoft Entra and find the Service Principal that is used for the Embedy Portal in App Registrations. Navigate to the Authentication menu and paste the url, including https:// and followed by /login/auth-callback into the Single-page application Redirect URI field and save your changes.
Open a new browser and navigate to the Custom Domain to test if it works. Please note that this might take a few minutes...

Fabric Admin Settings

Make changes to the Fabric / Power BI Admin Settings

To make sure the ProEmbedded Portal can access your Power BI Reports, some changes need to be made in the Fabric / Power BI Admin Portal.

Hint

You can either enable the settings for the entire organization or only for specific Security Groups. We recommend that you only enable them for specific Security Groups. To do this, simply select the respective option and add the Entra Security Group that contains the Service Principal that is used in the ProEmbedded Portal, to the list of groups. It is the Security Group that you have created in this step during the installation.

Log in to the Fabric Admin Portal. In case you don't have access, please contact your Fabric, Power BI, or Global Admin.
Find the Embed content in apps inside the Developer settings. This setting needs to be enabled.
Find Service principals can use Fabric APIs inside the Developer settings. This setting needs to be enabled.

Capacity Settings

Assigning the Service Principal to the Fabric or Power BI Embedded Capactiy.

We try to keep your licensing costs at a minimum. To be able to do this, the Service Principal needs to be given access to the Microsoft Fabric oder Power BI Embedded Capacity in the Azure Portal. This way, the ProEmbedded Portal can start/pause the used Capacity which will reduce costs of Microsoft licensing.

Hint

This only applies for paid Fabric or Embedded Capacities. If you are using a free trial capacity, you can skip this tutorial an come back once you have a paid capacity.

How to give access to the Capacity

Log in to the Azure Portal and search for Fabric or Power BI Embedded. Select the respective service and you will see all the Capacities that you have access to. Select the one that should be used in the ProEmbedded Portal.
Navigate to Access control and click add role assignment.
Navigate to Privileged administrator roles and select the Contributor role. Click next.
Click Select Member and search for and select the Security Group that was previously created.
Review and Assign

Workspace Configuration

Configuring Power BI/Fabric Workspaces

The previously created Service Principal or Entra Security Group needs to be added to the Power BI/Fabric Workspaces that should be accessible by the ProEmbedded Portal. To do this, simply navigate to the relevant workspace and add the Service Principal or Entra Group as a Member.

Update Client Secret

Updating the Client Secret in the ProEmbedded Portal

You have previously created a Service Principal. You now have to add the details of this user to the ProEmbedded Portal to make it work.

Get Client ID of the Service Principal and enter it into Service Principal Client ID and Microsoft Authentication Service Principal Client ID
Get Secret ID of the Service Principal and enter it into Service Principal Client ID Secret
Get the Secret expiry date and enter it into Service Principal Expiry Date
Save Changes

Azure Budget & Cost Control

Cost Control in Azure

Effectively managing your costs in Azure is crucial to ensure that your cloud spending aligns with your budget and business goals. Azure provides powerful tools to help you monitor and control your costs. One of the most essential practices is to create a budget in Azure, which allows you to set spending limits and receive timely notifications via email when certain thresholds are met.

This proactive approach to cost management is highly recommended for everything created in Azure! By setting up budgets, you can avoid unexpected charges and maintain better control over your cloud investments. It’s an important step to ensure that your resources are used efficiently and your spending stays on track.

To get started, the Microsoft Documentation provides detailed guidance on how to create a budget in Azure. Make cost control a priority and take advantage of these tools to safeguard your cloud spending.

Power BI Capacity

Fabric/Power BI Embedded/Power BI Premium Capacity

The ProEmbedded Portal works with any capacity. In most cases, we recommend using Microsoft Fabric Capacities due to the additional features but there might be cases where a Power BI Embedded Capacity makes more sense.

Pricing

This is a big topic, which is why we have written a blog post about Capacity pricing. it's important to know that the ProEmbedded Portal can automatically start a Capacity when somebody enters the portal and pause it when nobody is using it. This way, costs can be reduced drastically.

Monitoring

Whatever Capacity you have, it's important to monitor it to make sure it fits your needs. If you already have Power BI/Fabric Center of Excellence or something similar, the people in this team will most likely take care of this. If this is not the case and you would like to learn more, reach out to us and we can get you in touch with one of our partner companies that can help you with this. Learn more about Power BI & Fabric Capacity Monitoring here.

Power BI Capacity Monitoring

Fabric/Power BI Embedded/Power BI Premium Capacity Monitoring

Regardless if somebody is using the ProEmbedded Portal, monitoring Microsoft Fabric Capacities is a very important task.

There are a lot of good resources about this topic. Some of them are listed below.

Microsoft Fabric Capacity Metrics App: This app is designed to help administrators monitor compute and storage usage on Fabric and Power BI capacities. It provides detailed insights into utilization, processing time, and resource consumption, helping identify peak demand times and potential overloads.
Capacity Optimization Strategies: Microsoft Fabric and Power BI offer various strategies for optimizing capacity usage, such as distributing workloads across multiple capacities, using capacity units (CUs) for better granularity, and employing efficient query designs and data models to minimize compute resource consumption.
Throttling and Overload Protection: Microsoft has updated its policies to better manage throttling when capacities are overused. These policies allow for proactive monitoring and management to avoid excessive load, especially in high-usage periods.

How can we help?

ProEmbedded itself doesn't offer this service, but our partner companies (The companies of ProEmbedded's founders) are specialized in this and are ready to help you out. Simply contact us and we'll put you in touch with the right people.

App Service

Azure App Service plan & App Service

During the installation of the ProEmbedded Portal, we created an App Service plan and an App Service in your Azure environment. There is nothing you need to do with these resources. If, for whatever reason, your ProEmbedded Portal becomes slow, upgrading the App Service Plan to the next tier might be an option. Please contact us before taking any actions.

Azure App Service is a fully managed platform provided by Microsoft Azure for building, deploying, and scaling web applications. It includes built-in DevOps support for continuous deployment and integration.

An App Service Plan defines the compute resources your app uses, such as CPU, memory, and storage. The plan determines the cost, scaling options, and region where your app is hosted. You can host multiple apps within the same plan, which share these resources, making it a cost-effective solution.

To learn more:

Azure App Service Overview
App Service Plans

SQL Server & DB

Azure SQL Server and Database

During the installation of the ProEmbedded Portal, we have created an Azure SQL Server and an SQL Database. This Database contains technical data used in the ProEmbedded Portal.

Pricing

During deployment, we have selected the smallest/cheapest option. In most cases, this is enough and won't generate a lot of costs. Still, we recommend managing your Azure costs in any case. Please refer to the article about Azure Budget & Cost Control to learn how this can be done.

Backup

Azure SQL Databases provide different backup options to ensure data protection. These backups allow for point-in-time restore within the retention period, which varies depending on your settings. During the installation of the ProEmbedded Portal, a backup policy has been defined. You can manage and configure your backup settings in the Azure portal, including setting long-term retention policies, restoring databases from backups, and adjusting the backup frequency for specific needs.

For more detailed information and how-to guides, visit: Azure SQL Database Backup Overview

Important

Do not make any changes to the data in the DB. This could break the ProEmbedded Portal.

Storage Account

Azure Storage Account

During the installation of the ProEmbedded Portal, we have created an Azure Storage Account in your Azure environment. We use this to store files such as logos, icons, JSON Theme files etc. that are used in the ProEmbedded Portal.

Pricing

Azure Storage is generally a cost effective option for data storage, making it a popular choice for businesses of all sizes. Pricing is based on factors like the type of storage (e.g., Blob, File, Table, Queue), redundancy options (e.g., LRS, GRS), and access tiers (Hot, Cool, Archive). Its important to know that you only pay for what you use.

We recommend that you monitor your Azure costs by setting up a Budget in Azure.

For detailed pricing information, visit: Azure Storage Pricing.

Pages/Roles/Users

How to set up a role, configure the display of report pages for a role, and set up a user.

The portal allows you to configure roles with the settings and users you need, and also add reports from available workspaces and pages of different types to this role.

Roles, pages, users configuration settings

Click the profile icon in the bottom left corner, then select Roles/Pages/Users.

On this page, you'll see three tabs for switching between the corresponding sections. You can also search and filter by each section.

Roles configuration

In each section, you will see a similar set of buttons, in the case of roles, these are: a button for adding a role, deleting selected roles, and changing the density of role cards.

Clicking the Add Role button opens a modal window containing:
- an input field for the role name;
- a set of checkboxes for configuring the role's; capabilities;
- buttons for adding users and pages;

To add users to a role, you need to select the required user emails from the drop-down list.

Adding a page is described in the relevant section.

Pages configuration

The page configuration section also includes a search function, filtering by page type, adding a page, deleting selected pages, and changing the card density.

By clicking "Sync Reports with Power BI Service" button starts the process of synchronizing the report with the Power BI Service.

By clicking the "Add page" button, a modal window appears with the following fields:

1. Page Type: Power BI Report, Power BI Paginated Report, Iframe/Website, Hyperlink, PDF.
2. Selected the Workspace where the Report is located.
3. Report: Select the Report from list.
3. Row Level Role: In case the Semantic Model has RLS defined, this field is mandatory and the respective RLS role needs to be entered.
4. Preview Pages: Displaying report pages at the top navigation level.
5. Roles: Add the role(s) that should see this Report in the navigation menu.

Hint

After adding a page for a user's role, the added page will appear last in the navigation menu list. How to configure the menu.

It is also possible to remove a role for a page from the card by clicking on the cross icon in the role chip.

Users configuration

The page configuration section also includes a search by user email, upload users, add user, deleting selected pages, and changing the card density.

"Upload users" which will open a modal with an area that can receive a CSV file with 2 columns: role and email. This makes it possible to upload a list of data instead of doing it manually.

When adding a user, you need to enter the email addresses you want to create. After entering each email, you need to press the "Enter" button. You also need to select a user role. Submitting will be possible only if at least one email address has been added. After selecting a role, you will be shown the pages associated with that role.

Fabric/Embedded Capacity

How to manage Microsoft Fabric or Power BI Embedded Capacities in the ProEmbedded Portal.

The ProEmbedded Portal works with Power BI Embedded as well as any Fabric Capacity, including free trials. As soon as a paid capacity is used, users have the option to let the ProEmbedded Portal manage the capacity. This includes the automatic pausing when nobody is using the Portal and resuming the capacity as soon as a user logs in. This can reduce the costs drastically. In order to make sure background processes such as refreshes of semantic models are not interrupted, the ProEmbedded Portal also allows scheduling of on/off times of the capacity.

Important

ProEmbedded is not responsible for costs charged for Azure Resources. We highly recommend setting up budgets and cost control in Azure.

Capacity-related settings can be found in the Global Settings.

Fabric Free Trial Capacity

When the Trial Capacity setting is activated, all other settings related to capacities are hidden.

Selecting a paid Fabric or Power BI Embedded Capacity

From the Power BI Capacity Drop-Down, select the capacity that should be used with the ProEmbedded Portal.

Hint

If the Drop-Down is empty, you might not have access to the capacities in Azure. Simply follow the steps described in this documentation.

Once a paid Capacity is selected, the capacity starts and additional options show up.

Auto Managed Capacity

If the selected capacity is a pay-as-you-go, Auto Managed Capacity can help save costs by automatically pausing the capacity when nobody is using the portal and starting it again when a user logs in. When this option is selected, it might be necessary to also schedule specific times where the capacity is on, to make sure background operations such as refreshes run smoothly. To do this, simply activate the Scheduled Capacity option and modify the schedule as needed.

Hint

All times are in UTC.

Self Managed Capacity

To be able to manually start/pause the capacity and have it run 24/7, select Self Managed Capacity and either have it on or off. Please note that reserved capacities can't be paused.

Full Screen

Using the Full-Screen Mode in the ProEmbedded Portal

By pressing the icon in the top left corner of the ProEmbedded Portal, Full-Screen Mode is activated. To exit Full-Screen and go back to the regular look, simply press ESC.

When in full-screen mode, the native Power BI page navigation is automatically enabled, allowing users to navigate the pages of the report without leaving full-screen-mode.

View As Role

With the View As Role Feature, Super Admins and Admins can see what the ProEmbedded Portal looks like for other roles.

By pressing the icon in the top right corner, then selecting View As Role, all available roles are shown. Simply click on a Role and the Portal is displayed as if logged in with that role.

Text in Browser Tab

How to change the text show in the title of the browser tab.

The ProEmbedded Portal is completely white-labeled and does not show the name ProEmbedded anywhere, if customers don't want that. This is why we added a setting in the Global Settings, called Browser Tab Name. By chaning this setting, the title in the Browser Tab can be changed.

Adding Hyperlinks

How to add hyperlinks to the main menu so users can open external websites.

The ProEmbedded Portal allows integrating different elements into the main navigation menu. One of the options users have is to add hyperlinks to websites.

ProEmbedded Portal Hyperlink in Menu Name

Open the Roles/Pages/Users page
Open Pages and then select Add Page
Page Type: Select Hyperlink.
Hyperlink Title: Enter the text that should be shown in the navigation menu.
URL: Enter the url of the website that you want to open.
Open in new tab: If you want to open the website in a new browser tab, activate this checkbox.
Roles: Add the role(s) that should see this hyperlink in the navigation menu.

Adding PDFs

How to add PDFs to the main menu so users can view them directly in the ProEmbedded Portal.

The ProEmbedded Portal allows integrating different elements into the main navigation menu. One of the options users have is to add embedded PDFs, and have them visible only to certain roles inside the portal.

Open the Roles/Pages/Users page
Open Pages and then select Add Page
Page Type: Select PDF.
PDF Title: Enter the text that should be shown in the navigation menu.
Select PDF Document: Select the PDF document that you want to embed.
Select PDF: Select the already uploaded PDF document that you want to embed.
Upload PDF: Upload a new PDF document that you want to embed.
Roles: Add the role(s) that should see this PDF in the navigation menu.
Save: Click the Save button to save the changes.

Export to PDF/PowerPoint/PNG

How to export reports to PDF, PowerPoint or images (PNG).

The ProEmbedded Portal allows exporting reports to PDF, PowerPoint and PNG. Admins can control, which roles have access to this feature and which don't.

How to allow a role to export.

Open the Roles/Pages/Users page
Open Roles, search for the role you want to change and click Edit Role.
Activate the checkbox related to the export functionality and save the changes.

Paginated Reports

Adding Paginated Reports to the ProEmbedded Portal.

The ProEmbedded Portal supports embedding of Power BI Paginated Reports.

How to add Paginated Reports to the ProEmbedded Portal.

Open the Roles/Pages/Users page
Open Pages and then select Add Page
Page Type: Select Power BI Paginated Report.
Workspace Name: Selected the Workspace where the Paginated Report is located.
Report: Select the Paginated Report.
Row Level Role: In case the Semantic Model has RLS defined, this field is mandatory and the respective RLS role needs to be entered.
Roles: Add the role(s) that should see this Paginated Report in the navigation menu.

Synchronization

How to synchronize and workspaces with The Power BI Service.

It may happen that a report/workspace is deleted or renamed in the Power BI Service. In this case, the ProEmbedded Portal offers a functionality to synchronize the data and pull the latest information from the Power BI Service. For each page, corresponding icons are displayed depending on what kind of change was made in the Power BI Service.

ProEmbedded Portal Pages Card with Delete icon

ProEmbedded Portal Pages Card with Edit icon

To synchronize data, open the Roles/Pages/Users page and go to the Pages
If there is any data that is not in sync, a button appears at the top of the page. Clicking this button synchronizes all reports at once, that is, when you click on it, the names will be updated and deleted reports will be removed. In the next step, we explain how you can trigger the synchronization of a specific report.
If the a report/workspace has been renamed or deleted, a "Sync" button will appear for the specific report. When clicked, the data will be synchronized with the Power BI Service.

Third-Party Services

How to integrate third-party services like Gmail and Slack.

The ProEmbedded Portal allows integrating third-party services to enable data exchange between platforms. This includes setting up connections with tools like Gmail and Slack for streamlined communication.

Step 1: Create an account on Nango

Go to app.nango.dev and register a new account. After registration, be sure to confirm your email by clicking the link from the verification email. After successful verification and login, you will be taken to the Nango dashboard.

Currently, the portal supports two integrations:

Slack - setup documentation ;
Gmail - setup documentation ;

You will use the credentials after you complete the setup at step 3

Step 2: Create an integration

Click on the "Integrations" tab in the Nango dashboard and select the integration you want to create. For example, if you want to integrate with Slack, select the "Slack" integration.

Step 3: Provide your app information and establish a connection

Fill in the fields and click on the "Connect" button to establish a connection with your app.

Required scopes for Slack:

chat:write
channels:read
groups:read
im:read
mpim:read
triggers:read
users:read
users:read.email
users:write

After clicking on the "Connect" button, you will be redirected to the authorization page of the app you want to integrate with.

Also note that you need to enable endpoints for the Slack integration to work correctly:

Required scopes for Gmail:

.../auth/gmail.addons.current.action.compose

Required enable endpoints for Gmail integration:

Step 4: Create a new connection

Click the Authorize button — a new window will open with the authorization page for the application you want to integrate via OAuth.

Step 5: Test the connection

Once the authorization is complete, the new connection should appear in the Connections tab within the Nango dashboard. You can verify that the connection is active and successfully authenticated.

Then, click on it and navigate to the Authorization tab.

Step 6: Fill your data in the ProEmbedded Portal

Save your user id and user email

Next, navigate to the Environment Settings and save your Secret Key.

Return to ProEmbedded. Click the profile icon in the top right corner, then select Portal Configuration. At the bottom of the page, enter the data you have gathered. Save the changes.

Step 7: Make sure your connections are ready.

Once again, click the profile icon in the top right corner and navigate to the Integrations page. If the integration you set up appears there, it means everything has been configured correctly.

Usage

Select the desired chart, click the three dots in the top-right corner, and choose “Take an action” from the menu.

In the modal window, select the channels where you want to send the table.

Your application will deliver a message containing a data table in the following format.

Google Auth

Configuring Google Authentication for the ProEmbedded Portal

The ProEmbedded Portal supports Google Authentication as an alternative login method. This allows users to sign in using their Google accounts, providing a seamless authentication experience.

Step 1: Create a Google OAuth Application

Navigate to the Google Cloud Console and create a new project or select an existing one. Then, go to "APIs & Services" → "Credentials" and create a new OAuth 2.0 Client ID.

Step 2: Configure OAuth Settings

Configure your OAuth consent screen with the following settings:

Application type: Web application
Authorized JavaScript origins: Your ProEmbedded Portal domain
Authorized redirect URIs: https://yourdomain.com/api/auth/callback/google

Step 3: Obtain Client Credentials

After creating the OAuth client, you will receive:

Client ID: Used to identify your application
Client Secret: Used to authenticate your application

Keep these credentials secure as you will need them in the next step.

Step 4: Configure the ProEmbedded Portal

In your ProEmbedded Portal, navigate to the authentication settings:

Click on the profile icon in the top right corner
Select "Global Settings"
Navigate to the "Users & Authentication" section
Enable "Google Login"
Enter your Google Authentication Client ID
Enter your Google Authentication Client Secret
Save the configuration

ProEmbedded Portal Google Auth Configuration

Step 5: Test the Configuration

After saving the configuration, test the Google Authentication:

Log out of the ProEmbedded Portal
Navigate to the login page
Click on "Sign in with Google"
Verify that you can successfully authenticate

Security Considerations

When implementing Google Authentication, consider the following security best practices:

Domain Verification: Verify your domain in Google Cloud Console
HTTPS Only: Ensure all redirect URIs use HTTPS
Scope Limitation: Request only necessary OAuth scopes
Regular Review: Periodically review and rotate client secrets

Troubleshooting

Common issues and solutions:

Redirect URI mismatch: Ensure the redirect URI in Google Cloud Console exactly matches your portal's callback URL
Invalid client error: Verify that your Client ID and Client Secret are correctly entered
Access denied: Check that your OAuth consent screen is properly configured and published

Menu Configuration

How to define the sort order and groups of menu items.

The ProEmbedded Portal allows you to configure the sorting order of groups and items in the navigation menu.

Menu configuration settings

Click the profile icon in the bottom left corner, then select Menu Configuration.

On this page, you'll see accordion-style blocks where you can configure menus for each role. You can also use the search to find the roles you need.

Menu configuration for a role

For each role, there is the ability to add groups and place current pages within groups, with the ability to sort the order. When you delete a group, the pages become ungrouped. The group name can be edited by clicking the "Edit" button. This will show an input field for the name, which must be unique.

The changes are applied after clicking the save button. After saving, the navigation changes and no page reload is required.

Once a page is added to a role, it is added to the bottom of the navigation menu list.

Configure the default page

There is also the ability to select the page that will be active when the application is initialized and when the user goes to the portal/dashboard page.

Issues during the Installation

Troubleshooting the most common issues when installing the ProEmbedded Portal.

In certain cases, installing the ProEmbedded Portal in your Azure environment may fail. Most often, the issue is related to restrictions in your Microsoft Azure subscription or the region where you're attempting to deploy. If the installation fails, the installer app will attempt to automatically remove all resources that were created, to ensure you're not charged for unused services. However, in some cases, the installer may not be able to remove everything. We recommend checking your Azure Portal after any failed installation and reaching out to us if needed. That said, in most cases, the installation completes successfully, and you'll be able to use the ProEmbedded Portal without any issues. Below, you'll find some common errors that may occur during installation and how to resolve them.

Error 1: Resources deployed on a previous installation attempt are still being deleted.

Power BI Embedded - Resource group in deprovisioning state.

After a failed installation, the installer app will attempt to remove all deployed resources. This process can take some time on Azure&apros;s end. If you try to redeploy using the same resource names too quickly, the installation may fail again. If you see the error message mentioned above, simply wait a few minutes and then try again.

Microsoft Login Issues

Troubleshooting the most common issues when using Microsoft Entra Login in the ProEmbedded Portal.

To enable Microsoft Entra Authentication, some settings need to be configured during the installation of the ProEmbedded Portal. If any of these settings were not completed correctly, Microsoft Entra Login might not work properly. Below are the most common errors and how to fix them:

Error 1: The redirect URI specified in the request does not match the redirect URIs configured for the application.

Power BI Embedded - The redirect URI does not match.

This error occurs when the redirect URI specified in the request does not match the redirect URIs configured for the application in Microsoft Entra. To fix this error, make sure you have added the URI to the service principal as described in our documentation. The URI has been sent to you via email after the installation of the ProEmbedded Portal. In case you do not have this email, you can also create the URI like this: https://your-portal-name.azurewebsites.net/login/auth-callback. If the issue occurs while using a custom domain, please reach out to our support team.

Error 2: Application with identifier .... was not found in the directory.

Power BI Embedded - Application with identifier was not found.

This error occurs when the Service Principal Client ID was not entered correctly in the Global Settings. Follow the steps in our documentation to resolve the issue

ProEmbedded Documentation

Welcome to ProEmbedded Documentation

Documentation Categories

Installation

Fabric / Embedded Capacity

Azure Resources

ProEmbedded Portal

Support & Troubleshooting

Service Principal

What is a Service Principal and why do we need one?

How to create a Service Principal

Redirect URI

Expiry of Client Secret

Security

Entra Security Group

Entra Security Group

How to create an Entra Security Group and add the Service Principal to it

Name of user

Use Custom Domain

Connecting the ProEmbedded Portal to a Custom Domain

Important to know

How to configure a Custom Domain

Fabric Admin Settings

Make changes to the Fabric / Power BI Admin Settings

Hint

Capacity Settings

Assigning the Service Principal to the Fabric or Power BI Embedded Capactiy.

Hint

How to give access to the Capacity

Workspace Configuration

Configuring Power BI/Fabric Workspaces

Update Client Secret

Updating the Client Secret in the ProEmbedded Portal

Azure Budget & Cost Control

Cost Control in Azure

Power BI Capacity

Fabric/Power BI Embedded/Power BI Premium Capacity

Pricing

Monitoring

Power BI Capacity Monitoring

Fabric/Power BI Embedded/Power BI Premium Capacity Monitoring

How can we help?

App Service

Azure App Service plan & App Service

SQL Server & DB

Azure SQL Server and Database

Important

Storage Account

Azure Storage Account

Pages/Roles/Users

How to set up a role, configure the display of report pages for a role, and set up a user.

Roles, pages, users configuration settings

Roles configuration

Pages configuration

Hint

Users configuration

Fabric/Embedded Capacity

How to manage Microsoft Fabric or Power BI Embedded Capacities in the ProEmbedded Portal.

Important

Fabric Free Trial Capacity

Selecting a paid Fabric or Power BI Embedded Capacity

Hint

Auto Managed Capacity

Hint

Self Managed Capacity

Full Screen

Using the Full-Screen Mode in the ProEmbedded Portal

View As Role

With the View As Role Feature, Super Admins and Admins can see what the ProEmbedded Portal looks like for other roles.

Text in Browser Tab

How to change the text show in the title of the browser tab.

Adding Hyperlinks

How to add hyperlinks to the main menu so users can open external websites.

Adding PDFs

How to add PDFs to the main menu so users can view them directly in the ProEmbedded Portal.

Export to PDF/PowerPoint/PNG

How to export reports to PDF, PowerPoint or images (PNG).

How to allow a role to export.

Paginated Reports

Adding Paginated Reports to the ProEmbedded Portal.