Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now
Hi,
I would like to integrate my PowerBI Embedded report with the paginated report. My reports are developed for external customers coming from other companies and we are embedding our PowerBI reports into our product with iframe etc. We have already setup Role Level Security (RLS) for our PowerBI reports which is working well for our customers.
With the paginated report, we would like to link it to our existing PowerBI report. Have gone through some online documentation about integrating PowerBI report and paginated report. I've also tested on my own which was working:
http://www.cittabase.com/integrating-power-bi-report-with-paginated-report/
However, the problem is that I am not sure how to get the RLS setup properly in the paginated report. My ultimate goal is to create a link in the PowerBI report that allows user to click on it and redirect to the paginated report page. In other words, the RLS parameters should be passed from the PowerBI report to the Paginated report so that the user can see the relevant data under their user account.
The configuration in the above link is working for reports without any RLS concerns, but I am not sure how to setup for the RLS even after reading the below documentation:
https://docs.microsoft.com/en-us/power-bi/developer/embedded/paginated-reports-row-level-security
Anyone can guide me how to do this? Thanks.
Best regards,
Emily
Solved! Go to Solution.
Yeah in App-Owns-Data scenarios, we're a bit more limited. That said depending on your specific sceanrio, you can also look at the embed-token user filters. The application would need to specificy the user name on the token, then do filtering in the report (this is a secure method). Just look under the "passing the configured parameter using the embed token" at:
https://docs.microsoft.com/en-us/power-bi/developer/embedded/paginated-reports-row-level-security
Otherwise, at a later date we are looking at using identify blobs, where a token can be used to do real "Single Sign On" auth to the data source.
Hope that helps!
This limit is still present at this day. Although i would like to share a solution:
When user sends embedurl request to your application, your application can generate an app "session token" (saved to db with related context , userid, ...). User can then request power bi paginated report with this "session token" by url parameter.
The report can then resolve it's user_id parameter value by retrieving it from db using this session token.
Although not straightforward solution, it's secure and only way found in a app owned embedding where RLS is not applicable.
Hope this helps someone.
@Anonymous , RLS with embedded
https://www.youtube.com/watch?v=yNF-_l2f7w0&feature=youtu.be
Paginated embedded
https://docs.microsoft.com/en-us/power-bi/developer/embedded/paginated-reports-row-level-security
As mentioned earlier, we are already implementing PowerBI Embedded with RLS as of today.
In addition, I have already read the Paginated Embedded documentation earlier and I found it's difficult to understand the configuration especially how to link PowerBI Report and Paginated report together in consideration of passing the UserId from one to another.
Hi Emily - one thing to check, is what style of embedding you are doing. If you are using user owned vs app owned data for the pagainted report. Note that only in user-owns-data sceanrios will the user's context be passed through, and the documented RLS "trick" of filtering on user id in the pagainted report work. https://community.powerbi.com/t5/Developer/App-vs-User-Owns-Data/td-p/300729. Support for app-owned-data scenarios in this case are not yet supported.
One thing you might do (depeding if this is a security filter or not), you could pass the filter context on the pagainted report URL and bind it to a report parameter. Like shown here https://docs.microsoft.com/en-us/power-bi/paginated-reports/report-builder-url-parameters. Just note that anyone could manually change the value, so don't use it for securing data between users.
@Jon-Heide Thank you for your reply and well noted your point.
We are using App Own Data for our PowerBI Embedded (external customers), so I think right now there is no way to pass the RLS parameters from PowerBI Report to Paginated Report in a secure way by configuring the URL itself.
I think this is a limitation of PowerBI itself and I hope there will be a solution by Microsoft in the future.
Thanks again for your help!
This limit is still present at this day. Although i would like to share a solution:
When user sends embedurl request to your application, your application can generate an app "session token" (saved to db with related context , userid, ...). User can then request power bi paginated report with this "session token" by url parameter.
The report can then resolve it's user_id parameter value by retrieving it from db using this session token.
Although not straightforward solution, it's secure and only way found in a app owned embedding where RLS is not applicable.
Hope this helps someone.
Yeah in App-Owns-Data scenarios, we're a bit more limited. That said depending on your specific sceanrio, you can also look at the embed-token user filters. The application would need to specificy the user name on the token, then do filtering in the report (this is a secure method). Just look under the "passing the configured parameter using the embed token" at:
https://docs.microsoft.com/en-us/power-bi/developer/embedded/paginated-reports-row-level-security
Otherwise, at a later date we are looking at using identify blobs, where a token can be used to do real "Single Sign On" auth to the data source.
Hope that helps!
Check out the October 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.
User | Count |
---|---|
108 | |
108 | |
107 | |
89 | |
61 |
User | Count |
---|---|
171 | |
139 | |
133 | |
103 | |
86 |