Token based Identity in Azure SQL database

NeerajaBen — Tue, 21 Apr 2020 08:50:00 GMT

Hi All,

We have a request from business to embed power bi reports in web app and implement RLS.However they want to reuse the RLS implementation in SQL server and not use the power BI RLS feature. For this we are using 'token base identity with Azure SQL Database'

https://docs.microsoft.com/en-us/power-bi/developer/embedded/embedded-row-level-security#token-based-identity-with-azure-sql-database-preview

On passing identity blob object to embed code we are getting below error for few users(for certain users it works fine).

{"error":{"code":"InvalidRequest","message":"Identity blob value size exceeds size limit of 6144 bytes"}}

On decoding the access token recieved we could see it also has groups information in it and for users with error has more number of groups information which is being appended to access token. Is there anyway to remove groups claims from access token recieved from AD.

Thanks & Regards,

Neeraja

Re: Token based Identity in Azure SQL database

nandukrishnavs — Tue, 21 Apr 2020 14:42:12 GMT

@NeerajaBen

Please go through this link: https://docs.microsoft.com/en-us/rest/api/power-bi/embedtoken

I think you are using Generate Token method, please try with GenerateTokenInGroup

Did I answer your question? Mark my post as a solution!
Appreciate with a kudos 🙂

topic Token based Identity in Azure SQL database in Developer

Token based Identity in Azure SQL database

Re: Token based Identity in Azure SQL database