https://community.fabric.microsoft.com/t5/Developer/Power-BI-Embedded-Authentication-through-Azure-AD/m-p/320986#M9460 <P>Hi&nbsp;<a href="https://community.fabric.microsoft.com/t5/user/viewprofilepage/user-id/48765">@shanu_123</a>,</P> <P>&nbsp;</P> <P><SPAN>If you are embedding for non-Power BI users (app owns data), which is typically an ISV scenario, then you should be able to follow <A href="https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security" target="_self">this</A> article&nbsp;to implement RLS.&nbsp;You will need to configure the embed token to account for the user and role.</SPAN></P> <BLOCKQUOTE><SPAN>&nbsp;As well roles are here hardcoded can we make them dynamic in code?&nbsp;</SPAN><BR /><HR /></BLOCKQUOTE> <P>Based on my understanding, if you could store all the app user info&nbsp;with the corresponding user name, roles, and datasets in your database or somewhere else. Then you should be able to get the required info&nbsp;(by retrieving&nbsp;the database) to generate the TokenRequest for the current app user dynamically.&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.fabric.microsoft.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P> <P>&nbsp;</P> <P>Regards</P> Mon, 11 Dec 2017 08:26:34 GMT v-ljerr-msft 2017-12-11T08:26:34Z https://community.fabric.microsoft.com/t5/Developer/Power-BI-Embedded-Authentication-through-Azure-AD/m-p/319822#M9430 <P>I have implemeted Power BI Embedded sample "App-Own-Data" available at Power BI-Microsoft Docs, At the time of authenticate only that users are allowed that are added in workspace created in Power BI service, I want that all member Azure AD should able to authenticate and able to see reports based on roles, how can i authencate through azure AD in Power BI Embedded Application? As well roles are here hardcoded can we make them dynamic in code? Below is code for HomeController.cs -</P><P>&nbsp;generateTokenRequestParameters = new GenerateTokenRequest("View", null, identities: new List&lt;EffectiveIdentity&gt; { new EffectiveIdentity(username: "username", roles: new List&lt;string&gt; { username == "mohit.gupta@systematixindia.com" ? "Manager" : "Manager1" }, datasets: new List&lt;string&gt; { "bd725bc3-09b4-4c21-84b4-727d84a3f131" }) });</P> Fri, 08 Dec 2017 06:14:27 GMT https://community.fabric.microsoft.com/t5/Developer/Power-BI-Embedded-Authentication-through-Azure-AD/m-p/319822#M9430 shanu_123 2017-12-08T06:14:27Z https://community.fabric.microsoft.com/t5/Developer/Power-BI-Embedded-Authentication-through-Azure-AD/m-p/320986#M9460 <P>Hi&nbsp;<a href="https://community.fabric.microsoft.com/t5/user/viewprofilepage/user-id/48765">@shanu_123</a>,</P> <P>&nbsp;</P> <P><SPAN>If you are embedding for non-Power BI users (app owns data), which is typically an ISV scenario, then you should be able to follow <A href="https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security" target="_self">this</A> article&nbsp;to implement RLS.&nbsp;You will need to configure the embed token to account for the user and role.</SPAN></P> <BLOCKQUOTE><SPAN>&nbsp;As well roles are here hardcoded can we make them dynamic in code?&nbsp;</SPAN><BR /><HR /></BLOCKQUOTE> <P>Based on my understanding, if you could store all the app user info&nbsp;with the corresponding user name, roles, and datasets in your database or somewhere else. Then you should be able to get the required info&nbsp;(by retrieving&nbsp;the database) to generate the TokenRequest for the current app user dynamically.&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.fabric.microsoft.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P> <P>&nbsp;</P> <P>Regards</P> Mon, 11 Dec 2017 08:26:34 GMT https://community.fabric.microsoft.com/t5/Developer/Power-BI-Embedded-Authentication-through-Azure-AD/m-p/320986#M9460 v-ljerr-msft 2017-12-11T08:26:34Z