Hello Community,
Please see the following PBIX for reference.
https://drive.google.com/drive/folders/13HqZmd_S7YEcTLWUr2txNN-7ysRug3ZX?usp=drive_link
2023.08.04 User Security.pbix
Key Points:
1) One layer of RLS already exists & is working fine. No problem.
- On 'D Agent', the DAX filter expression is: [Agent Email] = USERPRINCIPALNAME()
- When any agent views the report, RLS correctly filters to only show data pertaining to that specific agent.
2) Business requires that a second & separate layer of RLS be implemented. This is what I'm not sure how to do.
- When any user in 'User Security'[User Email] (i.e. USERPRINCIPALNAME() ) views the report,
RLS should filter to only show data specific to values in 'User Security'[Office ID].
- NOTE: In most cases, a user is NOT an agent, but it does happen occasionally.
- NOTE: Users are not unique in 'User Security'. The same user can appear multiple times in the table, each
time linked to a different Office ID.
EXAMPLE:
1) Without any filters applied, you can see the following 3 visuals. (2 slicers & 1 table)
2) The 'User Security' table shows that User1 is linked to 2 different offices (Office IDs: 3 & 2)
As a result, when user1@test.com views the report, RLS must filter to show only the data pertaining to these 2 Office IDs:
- Office ID 3 = Detroit, MI
- Office ID 2 = Sacramento, CA
(Of course, all data for any other Office ID should be hidden from this user.)
'User Security'
'D Office'
The desired result should only show what is selected below.
Anything not selected should not even be visible to User 1.
Here are the remaining model items:
'Sales'
'D Agent'
Regards,
Nathan
@WinterMist it should be straightforward, set relationship as shown below:
Cross filter direction: both, apply security filter: on
Add another role on User Access table, I called it user access
output:
👉 Learn Power BI and Fabric - subscribe to our YT channel - @PowerBIHowTo
Subscribe to the @PowerBIHowTo YT channel for an upcoming video on List and Record functions in Power Query!!
Learn Power BI and Fabric - subscribe to our YT channel - Click here: @PowerBIHowTo
If my solution proved useful, I'd be delighted to receive Kudos. When you put effort into asking a question, it's equally thoughtful to acknowledge and give Kudos to the individual who helped you solve the problem. It's a small gesture that shows appreciation and encouragement! ❤
Did I answer your question? Mark my post as a solution. Proud to be a Super User! Appreciate your Kudos 🙂
Feel free to email me with any of your BI needs.
@WinterMist read more about multiple roles here Row-level security (RLS) guidance in Power BI Desktop - Power BI | Microsoft Learn
In nutshell, this is what is says: When a report user is assigned to multiple roles, RLS filters become additive. It means report users can see table rows that represent the union of those filters. What's more, in some scenarios it's not possible to guarantee that a report user doesn't see rows in a table.
👉 Learn Power BI and Fabric - subscribe to our YT channel - @PowerBIHowTo
If my solution proved useful, I'd be delighted to receive Kudos. When you put effort into asking a question, it's equally thoughtful to acknowledge and give Kudos to the individual who helped you solve the problem. It's a small gesture that shows appreciation and encouragement! ❤️
Subscribe to the @PowerBIHowTo YT channel for an upcoming video on List and Record functions in Power Query!!
Learn Power BI and Fabric - subscribe to our YT channel - Click here: @PowerBIHowTo
If my solution proved useful, I'd be delighted to receive Kudos. When you put effort into asking a question, it's equally thoughtful to acknowledge and give Kudos to the individual who helped you solve the problem. It's a small gesture that shows appreciation and encouragement! ❤
Did I answer your question? Mark my post as a solution. Proud to be a Super User! Appreciate your Kudos 🙂
Feel free to email me with any of your BI needs.
@WinterMist it should be straightforward, set relationship as shown below:
Cross filter direction: both, apply security filter: on
Add another role on User Access table, I called it user access
output:
👉 Learn Power BI and Fabric - subscribe to our YT channel - @PowerBIHowTo
Subscribe to the @PowerBIHowTo YT channel for an upcoming video on List and Record functions in Power Query!!
Learn Power BI and Fabric - subscribe to our YT channel - Click here: @PowerBIHowTo
If my solution proved useful, I'd be delighted to receive Kudos. When you put effort into asking a question, it's equally thoughtful to acknowledge and give Kudos to the individual who helped you solve the problem. It's a small gesture that shows appreciation and encouragement! ❤
Did I answer your question? Mark my post as a solution. Proud to be a Super User! Appreciate your Kudos 🙂
Feel free to email me with any of your BI needs.
Helpful resources
Power BI Monthly Update - August 2025
Check out the August 2025 Power BI update to learn about new features.
Fabric Community Update - August 2025
Find out what's new and trending in the Fabric community.
