Appearance
Frequently Asked Questions
Account & Sign-up
My password is rejected during registration
Datascaphe passwords must meet the following requirements:
- Minimum 12 characters
- At least one uppercase letter
- At least one number
A user from my organization cannot sign up
Two organization settings control this behavior:
- Prevent User Signup — if enabled, users with your organization's domain are blocked from signing up entirely. They must be added manually by an administrator.
- Auto Add Users — if signup is allowed but this setting is off, new sign-ups are placed in a waiting state until an administrator approves them.
Check both settings in the Organization edit page. See Accounts & Roles for the full behavior matrix.
My domain name was saved but then disappeared from the organization
Domain names added to the organization are validated: only domains and subdomains of your registration email domain or your Azure tenant's verified domains are accepted. onmicrosoft.com subdomains are not supported. Any entry that doesn't pass this check is silently dropped on save.
Organization & Extension Setup
Where do I find my organization code for the browser extension?
The organization code is a unique identifier generated automatically when your organization is created. You can find it in Dashboard → Organization. It is required when configuring the Datascaphe Uplink browser extension.
My Azure Tenant ID is saved but features depending on it don't work
Saving the Tenant ID alone is not enough. The tenant must also be synchronized so that Datascaphe can retrieve the list of verified domains from Azure. This synchronization happens through the onboarding process. Until both the Tenant ID and the tenant's domain list are on record, tenant-dependent features remain unavailable.
Reports
My report was linked but the name and workspace fields are empty
After a report is saved, Datascaphe attempts to auto-fill the report name, workspace ID, and workspace name by querying the Power BI API. This requires a valid Azure tenant configuration and sufficient permissions. If the auto-fill did not happen, check that:
- Your Azure Tenant ID is configured and synchronized in the Organization settings
- The user or service principal has access to the Power BI workspace where the report is published
My report is published in a personal Power BI workspace and it doesn't work
Reports published in personal workspaces (My Workspace) are not supported. The report must be published in a shared workspace.
I deleted a report but it still seems to exist in some places
Reports are soft-deleted: they are flagged as deleted but not removed from the database. This preserves associated user and scanner data. If you see lingering references, this is expected behavior.
Scanner Data & Metadata
The terms on my web page are not highlighted even after refreshing
Check the following in order:
- Scanner Definition — verify that the Ref Table and Ref Column match the exact names in your Power BI semantic model (case-sensitive).
- Cache — scanner data is cached locally on the user's device and on the server. A manual refresh from the backend will bypass both caches and force a new query to the Power BI dataset.
- RLS — if your report uses Row Level Security, the RLS configured on the report option must be enabled. Without it, scanner data is cached at the report level and RLS filters are not applied per user.
Different users see different or missing highlighted terms, but RLS is not the cause
Each Scanner Definition's Analysis Name must be unique per report. If two definitions share the same name on the same report, the second one will be rejected. Verify that all definitions have distinct names.
My scanner data schedule is not running at the expected time
Schedule times are stored and processed in UTC. When configuring a schedule, make sure to select the correct timezone so that the cron expression is interpreted in your local time. The displayed next run date in the backend reflects the UTC-converted time.
My cron expression is rejected
The minimum allowed frequency for a scanner data schedule is every 30 minutes. Expressions that would trigger more frequently than that (e.g. * * * * * or */15 * * * *) are rejected on save.
I defined the Scanner Definition in my Power BI dataset but it is being ignored
If a Scanner Definition exists both in the Datascaphe UI and in the dataset tables (scanner_definition, scanner_synonyms), the UI version takes precedence and the dataset version is ignored. Remove the UI definition if you want to use the dataset approach instead.
Service Principals
I cannot see or copy my service principal's client secret after saving
Client secrets are stored encrypted and are not retrievable after the initial save. Store the secret value securely (e.g. in a key vault) before saving it in Datascaphe. If the secret is lost, generate a new one in Azure Entra ID and update the service principal in Datascaphe, leaving the Client ID unchanged.
The smart popup shows a message at the bottom saying usage is limited in shared environment
Using a Service Principal to authenticate against the Power BI API requires the report to be hosted in a Premium or Embedded capacity workspace. This is a Microsoft licensing requirement. Verify that the workspace has the appropriate capacity assigned.
What is the difference between setting a service principal on a report vs on a user?
- Report-level SP: used for all Power BI API calls for that report, for all users. Required for scheduled and backend-triggered scanner data refresh.
- User-level SP: used only as a fallback when fetching report metadata (name, workspace) from the Power BI API at report creation time. It does not drive scanner data refresh.
When both are set, the report-level SP takes precedence for API authentication.
See Connect to the Power BI API for details.
Users & Access
A user in centralized management mode cannot see any data in the extension
In centralized mode, the user's scanner data is not fetched by their own account. An administrator or a service principal must trigger a scanner data refresh from the backend (which will generate the access token accordingly) before the user can display report data through the extension. The extension will only serve data from the server cache. Following refreshes triggered by user interactions will use the access token associated to the last admin/SP report refresh.
A user was disabled but can still authenticate
Disabling a user (Is Enabled = false) prevents them from using the Uplink service (extension, report display). However, if they have a backend authentication account, they may still be able to log in to the backend interface depending on their account state. To fully block access, disable the user service record and manage their backend account separately.
A user cannot be added because their email domain is not accepted
Only email addresses with domains matching the organization's registered domain names are accepted for user creation via CSV import. Verify that the user's domain is listed in the Domain Names field of your organization. Accounts with domains outside this list are flagged as invalid during import validation and skipped.