Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

A new Data Days event is coming soon! This time we’re going bigger than ever. Fabric, Power BI, SQL, AI and more. Don't miss out.

Reply
SNPPowerbi
Regular Visitor

How to implement RLS using AAD/AD in Embedded reports

‎07-19-2017 11:57 AM

Hi,

 

Have generated powerbi report, want to integrate with custom application. Where i want to implement Row Level security in my embedded report using AAD.

 

Do not want to use database authentication mode

 

Please suggest me the solution for the same.

 

 

Labels:
Message 1 of 2
1,059 Views
0
1 ACCEPTED SOLUTION
v-huizhn-msft
Microsoft Employee
Microsoft Employee

‎07-21-2017 02:18 AM

Hi @SNPPowerbi,

Power BI Embedded doesn't depend on the Azure AD account or windows account. You can use your favorite authentication (forms auth, basic auth, etc) in your app, and you can combine these account with Power BI RLS. 

First, you must understand how the Power BI Embedded works and how the access token (which is used for embedding reports) is used.

After your app authenticate the user, your app should determine what role is needed, and use the following json/PHP/.Net(it depends on your custom app) string as the input of access token signature. For example, add the RSL(highlighted in bold) in json string:

{
  "wid":"{workspace id}",
  "rid":"{report id}",
  "wcn":"{workspace collection name}",
  "iss":"PowerBISDK",
  "ver":"0.2.0",
  "aud":"https://analysis.windows.net/powerbi/api",
  "nbf":{start time of token expiration},
  "exp":{end time of token expiration},
  "roles":"{role names (multiple) delimited by comma}",
  "username":"{user name}"
}


For more details, you can review the following articles.

Works with Row Level Security in Power BI and Power BI Embedded
How to use Power BI Embedded via REST
Row level security with Power BI Embedded

Best Regards,
Angelia 

View solution in original post

Message 2 of 2
1,252 Views
1 REPLY 1
v-huizhn-msft
Microsoft Employee
Microsoft Employee

‎07-21-2017 02:18 AM

Hi @SNPPowerbi,

Power BI Embedded doesn't depend on the Azure AD account or windows account. You can use your favorite authentication (forms auth, basic auth, etc) in your app, and you can combine these account with Power BI RLS. 

First, you must understand how the Power BI Embedded works and how the access token (which is used for embedding reports) is used.

After your app authenticate the user, your app should determine what role is needed, and use the following json/PHP/.Net(it depends on your custom app) string as the input of access token signature. For example, add the RSL(highlighted in bold) in json string:

{
  "wid":"{workspace id}",
  "rid":"{report id}",
  "wcn":"{workspace collection name}",
  "iss":"PowerBISDK",
  "ver":"0.2.0",
  "aud":"https://analysis.windows.net/powerbi/api",
  "nbf":{start time of token expiration},
  "exp":{end time of token expiration},
  "roles":"{role names (multiple) delimited by comma}",
  "username":"{user name}"
}


For more details, you can review the following articles.

Works with Row Level Security in Power BI and Power BI Embedded
How to use Power BI Embedded via REST
Row level security with Power BI Embedded

Best Regards,
Angelia 

Message 2 of 2
1,253 Views

Helpful resources

Announcements
May Power BI Update Carousel

Power BI Monthly Update - May 2026

Check out the May 2026 Power BI update to learn about new features.

Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All