Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join the FabCon + SQLCon recap series. Up next: Power BI, Real-Time Intelligence, IQ and AI, and Data Factory take center stage. All sessions are available on-demand after the live show. Register now

Reply
POSPOS
Post Partisan
Post Partisan

Issue : RLS is getting bypassed

‎09-30-2025 09:16 AM

Hi,

I am creating a report which has row level security and page level security.

I have three pages in the report.

Page 1 has row level security(to see only the data they have access to) and page level security (hide page 2 and 3)

Page 2  page level security (hide page 1 and 3), no row level security (they see all data)

Page 3 has row level security(to see only the data they have access to) and page level security (hide page 1 and 2)

 

I created three RLS for this:  RLS_Page1, RLS_Page2, RLS_Page3

 

When I tst this by assigning a user to only one RLS at a time it works,

When I test this by assigning a user to RLS_Page1 and  RLS_Page3, it works

Issue: Issue here is if I assign user to RLS_Page1 and RLS_Page2,  or RLS_Page3 and RLS_Page2,  they the row level secutity is being bypassed.

 

How can I fix this?

 

Thank you

 

Labels:
Message 1 of 3
453 Views
0
1 ACCEPTED SOLUTION
ivana_tomekova
Advocate I
Advocate I

‎09-30-2025 09:34 AM

Problem is, that RLS_page 2 gives access to everything, as I understood it... if one user is in multiple RLS groups, RLS filters become additive... so if based on Page2 RLS they can see everything, this is then applied also to Page 1 and Page 3...

 

When you're considering the permission needs for a single report user, strive to create a single role that grants all those permissions, instead of a design where a report user will be a member of multiple roles. It's because a report user could map to multiple roles, either directly by using their user account or indirectly by security group membership. Multiple role mappings can result in unexpected outcomes.

 

Therefore, you need to choose between creating fewer roles or achieving the desired effect.


More in MS documentation here: Row-level security (RLS) guidance in Power BI Desktop - Power BI | Microsoft Learn

View solution in original post

Message 2 of 3
432 Views
2 REPLIES 2
ivana_tomekova
Advocate I
Advocate I

‎09-30-2025 09:34 AM

Problem is, that RLS_page 2 gives access to everything, as I understood it... if one user is in multiple RLS groups, RLS filters become additive... so if based on Page2 RLS they can see everything, this is then applied also to Page 1 and Page 3...

 

When you're considering the permission needs for a single report user, strive to create a single role that grants all those permissions, instead of a design where a report user will be a member of multiple roles. It's because a report user could map to multiple roles, either directly by using their user account or indirectly by security group membership. Multiple role mappings can result in unexpected outcomes.

 

Therefore, you need to choose between creating fewer roles or achieving the desired effect.


More in MS documentation here: Row-level security (RLS) guidance in Power BI Desktop - Power BI | Microsoft Learn

Message 2 of 3
433 Views
lbendlin
Super User
Super User
In response to ivana_tomekova

‎09-30-2025 02:46 PM

Page level security does not exist.  Create separate reports for separate audiences.

Message 3 of 3
387 Views
0

Helpful resources

Announcements
April Power BI Update Carousel

Power BI Monthly Update - April 2026

Check out the April 2026 Power BI update to learn about new features.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

FabCon and SQLCon Highlights Carousel

FabCon &SQLCon Highlights

Experience the highlights from FabCon & SQLCon, available live and on-demand starting April 14th.

View All