https://community.fabric.microsoft.com/t5/Developer/Power-BI-embedded-data-security-based-on-user-role/m-p/363871#M10854 <P>Hi&nbsp;<a href="https://community.fabric.microsoft.com/t5/user/viewprofilepage/user-id/55843">@sid1582</a>,</P> <P>&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="a9415a68506d35d492c32477cb646a28:0">Row level security (RLS) can be used to restrict user access to data within dashboards, tiles, reports, and datasets. <STRONG>Multiple, different users can work with those same artifacts all while seeing different data</STRONG>. Embedding supports RLS.&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.fabric.microsoft.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P> <P class="lf-text-block lf-block" data-lf-anchor-id="a9415a68506d35d492c32477cb646a28:0">&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="9396ed034cbe84a14ec99d4e472b757b:0">If you're embedding for non-Power BI users (app owns data), which is typically an ISV scenario, then <A href="https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security" target="_self">this</A> article is for you! You will need to configure the embed token to account for the user and <STRONG>role</STRONG>.</P> <P class="lf-text-block lf-block" data-lf-anchor-id="9396ed034cbe84a14ec99d4e472b757b:0">&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="a1d4ea4a917a35a70fe8a5c7132e777f:0">If you are embedding to Power BI users (user owns data), within your organization, RLS works the same as it does within the Power BI service directly. There is nothing more you need to do in your application. For more information see,<SPAN>&nbsp;</SPAN><A href="https://docs.microsoft.com/en-us/power-bi/service-admin-rls" data-linktype="relative-path" target="_blank">Row-Level security (RLS) with Power BI</A>.</P> <P>&nbsp;</P> <P>Regards</P> Fri, 23 Feb 2018 06:47:13 GMT v-ljerr-msft 2018-02-23T06:47:13Z https://community.fabric.microsoft.com/t5/Developer/Power-BI-embedded-data-security-based-on-user-role/m-p/363115#M10832 <P>Team -&nbsp;</P><P>&nbsp;</P><P>We have a HRMS system and we want to use PowerBI embedded for showing BI outputs. As a result , this involves limiting the data to a user and showing the user his own data and managers the data of their reportees.&nbsp;</P><P>&nbsp;</P><P>An access matrix system is already implemented in the HRMS. We want to implement a similar access stack with the Power BI. Is there a way to do it ? Please advise.</P><P>&nbsp;</P><P>Roles -</P><P>Analyst group - sees their own data&nbsp;</P><P>Manager group - see their reportees data&nbsp;</P><P>Vertical leads - sees all data under a vertical&nbsp;</P><P>All - See all data&nbsp;</P><P>&nbsp;</P><P>Kindly advise.</P><P>&nbsp;</P><P>Regards,</P><P>Siddharth</P><P>&nbsp;</P> Thu, 22 Feb 2018 09:55:54 GMT https://community.fabric.microsoft.com/t5/Developer/Power-BI-embedded-data-security-based-on-user-role/m-p/363115#M10832 sid1582 2018-02-22T09:55:54Z https://community.fabric.microsoft.com/t5/Developer/Power-BI-embedded-data-security-based-on-user-role/m-p/363871#M10854 <P>Hi&nbsp;<a href="https://community.fabric.microsoft.com/t5/user/viewprofilepage/user-id/55843">@sid1582</a>,</P> <P>&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="a9415a68506d35d492c32477cb646a28:0">Row level security (RLS) can be used to restrict user access to data within dashboards, tiles, reports, and datasets. <STRONG>Multiple, different users can work with those same artifacts all while seeing different data</STRONG>. Embedding supports RLS.&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.fabric.microsoft.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P> <P class="lf-text-block lf-block" data-lf-anchor-id="a9415a68506d35d492c32477cb646a28:0">&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="9396ed034cbe84a14ec99d4e472b757b:0">If you're embedding for non-Power BI users (app owns data), which is typically an ISV scenario, then <A href="https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security" target="_self">this</A> article is for you! You will need to configure the embed token to account for the user and <STRONG>role</STRONG>.</P> <P class="lf-text-block lf-block" data-lf-anchor-id="9396ed034cbe84a14ec99d4e472b757b:0">&nbsp;</P> <P class="lf-text-block lf-block" data-lf-anchor-id="a1d4ea4a917a35a70fe8a5c7132e777f:0">If you are embedding to Power BI users (user owns data), within your organization, RLS works the same as it does within the Power BI service directly. There is nothing more you need to do in your application. For more information see,<SPAN>&nbsp;</SPAN><A href="https://docs.microsoft.com/en-us/power-bi/service-admin-rls" data-linktype="relative-path" target="_blank">Row-Level security (RLS) with Power BI</A>.</P> <P>&nbsp;</P> <P>Regards</P> Fri, 23 Feb 2018 06:47:13 GMT https://community.fabric.microsoft.com/t5/Developer/Power-BI-embedded-data-security-based-on-user-role/m-p/363871#M10854 v-ljerr-msft 2018-02-23T06:47:13Z