Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
Anonymous
Not applicable

RLS using login email to limit data view

‎05-31-2023 03:12 AM

Good day to whoever reads this. 🙂 

I am trying to use RLS in my PowerBI desktop file to allow someone to view or not view certain data for example. 
admin@domain.com would be allowed to see everything while worker1@domain.com would only be able to view data for the eastern branch of the company and someone not in the RLS table wouldn't be able to see anything at all. I would like to filter these permissions based on the email they are using to log in with I have tried using: 

 

[UPN] == userprincipalname ()

 

But fail to get it working and fully understand how to do it. After viewing the documentation on RLS I'm still unsure of how to do this so anyone that can offer some help I would highly appreciate it!

P.s. If any extra information is needed from my side please let me know I'll gladly provide anything I can 🙂

Labels:
Message 1 of 5
791 Views
0
1 ACCEPTED SOLUTION
v-shex-msft
Community Support
Community Support
In response to Anonymous

‎06-07-2023 02:14 AM

Hi @Anonymous,

>>If I understand you correctly it needs to have either a column with those usernames in it in each table or a relationship where it takes the username from a table and uses it on any table that is connected to it by those relationships?

In fact, they are basic usages and username part are not necessary. If the basic username and records mapping not suitable for your usernames, you can also consider setting some two or three step roles andd add a default role for the users which not has correspond usernames.

For example, you can bind user with group/departments and use RLS filter on the group field to filter records and apply these filter effect based on relationship.(user table link to the user group/department table, and use this table as bridge to link other tables; current username as condition to find out correspond group to filter records, if not existed correspond username, return the default group filter)

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.

View solution in original post

Message 4 of 5
680 Views
4 REPLIES 4
v-shex-msft
Community Support
Community Support

‎06-01-2023 07:33 PM

Hi @Anonymous,

For dynamic RLS with USERNAME/USERPRINCIPALNAME, you need to create or modify your user table to add a field with correspond user accounts, then you can use Dax USERNAME/USERPRINCIPALNAME function result as condition to check that field to apply filter effect. Then these filter effect will be apply to other tables if you has enabled the relationship from user table to other table with ‘both’ directions.

DAX USERPRINCIPALNAME - Use in RLS - Power BI Docs

What is the Direction of Relationship in Power BI? - RADACAD

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 2 of 5
719 Views
Anonymous
Not applicable
In response to v-shex-msft

‎06-01-2023 11:30 PM

Hey there@v-shex-msft,

Thank you for your response I did view those links before posting here but If I understand you correctly it needs to have either a column with those usernames in it in each table or a relationship where it takes the username from a table and uses it on any table that is connected to it by those relationships? if this is the case RLS wouldn't work too well for me here since not all of them are connected to the employee information where the username would be.

Sorry if the question seems like a dumb beginner's error I'm still learning a lot about BI.

Thank you in advance!

Message 3 of 5
712 Views
0
v-shex-msft
Community Support
Community Support
In response to Anonymous

‎06-07-2023 02:14 AM

Hi @Anonymous,

>>If I understand you correctly it needs to have either a column with those usernames in it in each table or a relationship where it takes the username from a table and uses it on any table that is connected to it by those relationships?

In fact, they are basic usages and username part are not necessary. If the basic username and records mapping not suitable for your usernames, you can also consider setting some two or three step roles andd add a default role for the users which not has correspond usernames.

For example, you can bind user with group/departments and use RLS filter on the group field to filter records and apply these filter effect based on relationship.(user table link to the user group/department table, and use this table as bridge to link other tables; current username as condition to find out correspond group to filter records, if not existed correspond username, return the default group filter)

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 4 of 5
681 Views
Anonymous
Not applicable
In response to v-shex-msft

‎06-07-2023 03:37 AM

Hey @v-shex-msft,

Thank you so much for your explanation we have decided not to use RLS but you have allowed me to learn more about it which I have laid with personally have a wonderful day and thanks a lot again.

Message 5 of 5
677 Views
0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.

View All