The CredentialQuery Option For Web.Contents() In Power BI Custom Data Connectors

There’s a new, as yet undocumented, option for the Web.Contents() M function that is only available for custom data connectors and not in Power BI Desktop: CredentialQueryOption. It does the same thing as the Query option, but it stops the values you are passing to the query parameter from being logged in Power BI’s diagnostic logs, so it’s useful if you are passing sensitive information such as passwords.

For example, consider the following call to Web.Contents() used in a custom data connector:


When the custom data connector is used in Power BI Desktop, if diagnostic logging is turned on in the Options dialog:


…then, if you look in the log files you’ll see the entire url called including the search term “cows”:


However, if you change the M code to:


So that the CredentialQuery option is used instead of the Query option, the search term will not appear in the log file.

Thanks to Curt Hagenlocher for providing this information.

2 responses

  1. Pingback: The CredentialQuery Option For Web.Contents() In Power BI Custom Data Connectors |

  2. Hi Chris!
    In my custom data connector, the key used to authenticate is passed on the Headers part of Web.Contents, like this:

    GetTables = (ServiceAddress as text) as table =>
    authKey = Extension.CurrentCredential()[Key],
    baseUrl = ServiceAddress & “/api/ID713PowerBIConnector/GetQueryList”,
    options = [Headers=[auth_key = authKey, #”Content-Type”=”application/Json”],
    ManualStatusHandling = {400,401,403,404,429,500,503}
    _url = ValidateUrlScheme(baseUrl),
    source = Web.Contents(_url, options)

    Do i need to refactor this into Relative Path + CredentialQuery, in order to certify the connector in the future?

    Thank you.

Leave a Reply to Carlos Pinheiro Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: