Starting December 3, join live sessions with database experts and the Microsoft product team to learn just how easy it is to get started
Learn moreShape the future of the Fabric Community! Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions. Take survey.
I am trying to implement row level security in Power BI Embedded downloaded code which has been downloaded from below URL.
https://github.com/Microsoft/PowerBI-Developer-Samples/tree/master/User%20Owns%20Data/integrate-repo...
I have found a solution which can be implemented in earlier version of Power BI reports code but that is not useful for me. Please find below URL for this.
https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security
I would seek your help to find a solution to implement Row Level Security in above code. I look forward for response on this. Thanks
Hi,
I hardly require help to sort this out. Can anyone respond on this. Thanks
Are you using the App-Owns-Data model or the User-Owns-Data model?
If you are suing the App-Owns-Data model you must generate an embed token with an EffectiveIdentity to map your user to a UserName and one or more roles. If you are using the User-Owns-Data and UserName is passed autoamtically and you must map each users to their RLS roles in the Power BI service.
In either case you can use dynamic RLS with a Users table and a UserPermissions table. Can you be more specific about what you are trying to accomplish?
Thanks for your response.
I am using User-Owns-Data to implement my requirement.
I have successfully implemented displaying reports list based on workspace/group id and able to display report data when user click on particular report from the list. This is working as expected.
Now, I have to apply Row Level Security for the reports. i.e., based on the role of the user, report data to be filtered and only reports should be displayed based on filtered data. I have tried but didn't get a solution for this.
Please see below screenshot of code to give you an idea how I am getting access token from authentication result. I am using the access token to get reports list and to display individual report.
I think I need to make changes in code. But I would require your help to get this sorted. Thanks
If you are using User-Owns-Data then there is much less work to do. When using App-Owns-Data you must programatically generate an embed code with the RLS roles inside. But with User-Owns-Data, all of RLS is configured external to your applation.
Here are the basic steps.
At this point, RLS should work and Power BI embedding should only display the data for each user based on the role(s) they are in. I think you should be able to accomplsh this without any changes to your current application.
@TedPattison - What should be the solution for Apps Own Data Scenario? I'm also facing the similar problem with my embedded reports. Embedding works as expected but not the Row level security. Here is my scenario -
1. Data Source - SQL Server On-premise
2. Dynamic RLS is configued in Power BI Desktop
3. Published Reports to Premium Capacity, upgraded Workspace
4. Embedded Solution - Apps Own Data using JavaScript (used GenerateToken method)
5. Added EffectiveIdentity as below in the JavaScript GenerateToken Call.
{
"accessLevel": "View",
"identities": [
{
"username": "EffectiveIdentity",
"roles": [ "Role1", "Role2" ],
"customData": "MyCustomData",
"datasets": [ "fe0a1aeb-f6a4-4b27-a2d3-b5df3bb28bdc" ]
}
]
}
What am I missing here? Thank you!