Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.

Reply
RichardMartin
Frequent Visitor

Data viewers need contributor access to view shortcutted lakehouse data

‎09-17-2024 06:01 AM

A group of users are data consumers and should have read access to data in a lakehouse in a workspace in order to consume the data.

If we make the data available in the lakehouse via a Fabric shortcut from another lakehouse in another workspace, the users can not access the data. In order to access the data they need contributor rights. When they are given this, they can modify the data in the shortcut.

 

Is this the intended behaviour?

Labels:
Message 1 of 9
1,025 Views
8 REPLIES 8
frithjof_v
Super User
Super User

‎10-12-2024 03:54 PM

@RichardMartin I think this is how it works (and I tested it briefly on my side):

 

If a user only needs to read the shortcut data through T-SQL (SQL Analytics Endpoint) or Power BI, then they don't need to have access to the source (target path) of the shortcut. They only need access to the SQL Analytics Endpoint or the Power BI report in the consuming workspace (the workspace where the shortcut is created).

 

If a user needs to access the shortcut through Spark (e.g. Notebook), then they will need to have permission in the source (target path) of the shortcut, in addition to permission to the shortcut itself. E.g. contributor role in the source workspace and the consuming workspace.

 

Here is documentation about the required access permissions: Secure and manage OneLake shortcuts - Microsoft Fabric | Microsoft Learn

 

frithjof_v_0-1728773683157.png

 

Message 9 of 9
627 Views
0
Anonymous
Not applicable

‎10-09-2024 01:08 AM

HI @RichardMartin,

Any update on this? Did the above suggestions help with your scenario? if that is the case, you can consider Kudo or Accept the helpful suggestions to help others who faced similar requirements.

Regards,

Xiaoxin Sheng

Message 8 of 9
669 Views
0
Shreya_Barhate
Advocate I
Advocate I

‎10-03-2024 03:28 AM

Hi @RichardMartin ,
Shortcut tables are only for reading data, so even with contributor access, one cannot modify the data. However, one can delete the shortcut tables with contributor access.

If you want to provide only read/viewer access to shortcut tables, you can assign the ‘Viewer’ role for the workspace. Additionally, you can configure the OneLake data access role for the specific shortcut table and grant read permission.

Shreya_Barhate_0-1727951160917.png

Get started with OneLake data access roles (preview) - Microsoft Fabric | Microsoft Learn

 

Regards,
Shreya

Message 6 of 9
726 Views
0
frithjof_v
Super User
Super User
In response to Shreya_Barhate

‎10-12-2024 03:45 PM

In general, shortcut tables are not read-only. We can write to the source table through a shortcut table.

Message 7 of 9
628 Views
0
Anonymous
Not applicable

‎10-03-2024 12:54 AM

Hi @RichardMartin ,

Did the above suggestions help with your scenario? if that is the case, you can consider Kudo or Accept the helpful suggestions to help others who faced similar requirements.

If these also don't help, please share more detailed information and description to help us clarify your scenario to test.

How to Get Your Question Answered Quickly 

Regards,

Xiaoxin Sheng

Message 5 of 9
757 Views
0
FabianSchut
Super User
Super User

‎09-18-2024 12:32 AM

Hi @RichardMartin, there has just been a blog post about Workspace Identity for OneLake Shortcuts published. Does that solve your problem: https://blog.fabric.microsoft.com/en-us/blog/introducing-workspace-identity-authentication-for-onela...

Message 4 of 9
959 Views
0
Anonymous
Not applicable

‎09-17-2024 11:29 PM

Hi @RichardMartin,

You can refer to the following link to know the different permission between workspace roles, if you only want they can read data, I'd like to suggest you only assign viewer permission on both workspace and fabric item. 

Roles in workspaces in Microsoft Fabric - Microsoft Fabric | Microsoft Learn

Regards,

Xiaoxin Sheng

Message 3 of 9
962 Views
0
Anonymous
Not applicable

‎09-17-2024 06:33 PM

Hi @RichardMartin 

Your question belongs to Data Engineering, I have transferred your question to the corresponding forum, an engineer will deal with you later, please be patient.

https://community.fabric.microsoft.com/t5/Data-Engineering/bd-p/ac_dataengineering 

 

Best Regards,
Community Support Team _ Ailsa Tao

Message 2 of 9
981 Views
0

Helpful resources

Announcements
July 2025 community update carousel

Fabric Community Update - July 2025

Find out what's new and trending in the Fabric community.

View All