Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Shape the future of the Fabric Community! Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions. Take survey.

Reply
JamesMinton
Frequent Visitor

Need help - Embedding RLS in GenerateTokenRequestV2Report - BadRequest

Hello,  

 

First time posting! 

I'm having troubles when trying to add RLS in my Power Bi embedding application.

This is how my application was working before trying to add RLS 

powerBi1.PNG

 

I then tried to do the following 

 

PowerBi2.PNG

(Side note : the username and roles are just testing, I'm not sure what I'm going to put there yet, I just want to see the token generate again)

 

This code not BadRequest errors on the pbliClient.EmbedToken.GenerateToken(tokenRequest); line

 

Does anyone have any ideas of where I'm going wrong? I'm new to PowerBi Embedding 

 

Thanks for your time,  

James

2 REPLIES 2
JamesMinton
Frequent Visitor

Thank you for your reply!

 

Any idea why I might be getting that BadRequest error though?

v-jianboli-msft
Community Support
Community Support

Hi @JamesMinton ,

 

With Row Level Security (RLS), the identity you use can be different from the identity of the service principal or master user you're using to generating the token. By using different identities, you can display embedded information according to the user you're targeting. For example, in your application you can ask users to sign in, and then display a report that only contains sales information if the signed in user is a sales employee.

If you're using RLS, you can sometimes leave out the user's identity (the EffectiveIdentity parameter). When you don't use the EffectiveIdentity parameter, the token has access to the entire database. This method can be used to grant access to users such as admins and managers, who have permission to view the entire dataset. However, you can't use this method in every scenario. The table below lists the different RLS types, and shows which authentication method can be used without specifying a user's identity.

Here is the considerations and limitation applicable to each RLS type.

Besides, you can find some examples here:  Embed Token - Generate Token - Examples| Microsoft Learn

 

For more details, please refer to:

Security in Power BI embedded analytics - Power BI | Microsoft Learn

 

Best Regards,

Jianbo Li

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Helpful resources

Announcements
November Carousel

Fabric Community Update - November 2024

Find out what's new and trending in the Fabric Community.

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

Nov PBI Update Carousel

Power BI Monthly Update - November 2024

Check out the November 2024 Power BI update to learn about new features.

Live Sessions with Fabric DB

Be one of the first to start using Fabric Databases

Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.