Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

July 7 - July 17 | Round 2 of the Power BI Dataviz World Championships. Don't miss your chance! Learn more

Reply
POSPOS
Post Partisan
Post Partisan

Issue : RLS is getting bypassed

Hi,

I am creating a report which has row level security and page level security.

I have three pages in the report.

Page 1 has row level security(to see only the data they have access to) and page level security (hide page 2 and 3)

Page 2  page level security (hide page 1 and 3), no row level security (they see all data)

Page 3 has row level security(to see only the data they have access to) and page level security (hide page 1 and 2)

 

I created three RLS for this:  RLS_Page1, RLS_Page2, RLS_Page3

 

When I tst this by assigning a user to only one RLS at a time it works,

When I test this by assigning a user to RLS_Page1 and  RLS_Page3, it works

Issue: Issue here is if I assign user to RLS_Page1 and RLS_Page2,  or RLS_Page3 and RLS_Page2,  they the row level secutity is being bypassed.

 

How can I fix this?

 

Thank you

 

1 ACCEPTED SOLUTION
ivana_tomekova
Advocate II
Advocate II

Problem is, that RLS_page 2 gives access to everything, as I understood it... if one user is in multiple RLS groups, RLS filters become additive... so if based on Page2 RLS they can see everything, this is then applied also to Page 1 and Page 3...

 

When you're considering the permission needs for a single report user, strive to create a single role that grants all those permissions, instead of a design where a report user will be a member of multiple roles. It's because a report user could map to multiple roles, either directly by using their user account or indirectly by security group membership. Multiple role mappings can result in unexpected outcomes.

 

Therefore, you need to choose between creating fewer roles or achieving the desired effect.


More in MS documentation here: Row-level security (RLS) guidance in Power BI Desktop - Power BI | Microsoft Learn

View solution in original post

2 REPLIES 2
ivana_tomekova
Advocate II
Advocate II

Problem is, that RLS_page 2 gives access to everything, as I understood it... if one user is in multiple RLS groups, RLS filters become additive... so if based on Page2 RLS they can see everything, this is then applied also to Page 1 and Page 3...

 

When you're considering the permission needs for a single report user, strive to create a single role that grants all those permissions, instead of a design where a report user will be a member of multiple roles. It's because a report user could map to multiple roles, either directly by using their user account or indirectly by security group membership. Multiple role mappings can result in unexpected outcomes.

 

Therefore, you need to choose between creating fewer roles or achieving the desired effect.


More in MS documentation here: Row-level security (RLS) guidance in Power BI Desktop - Power BI | Microsoft Learn

Page level security does not exist.  Create separate reports for separate audiences.

Helpful resources

Announcements
FabCon and SQLCon Barcelona 2026

FabCon & SQLCon – Barcelona 2026

Join us in Barcelona for FabCon and SQLCon, the Fabric, Power BI, SQL, and AI community event. Save €200 with code FABCMTY200.

60 days of Data Days Carousel

Data Days 2026

Join Fabric Data Days 2026: 60 days of free live/on-demand sessions, challenges, study groups, and certification opportunities.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.