Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now

Reply
JamesMinton
Frequent Visitor

Need help - Embedding RLS in GenerateTokenRequestV2Report - BadRequest

Hello,  

 

First time posting! 

I'm having troubles when trying to add RLS in my Power Bi embedding application.

This is how my application was working before trying to add RLS 

powerBi1.PNG

 

I then tried to do the following 

 

PowerBi2.PNG

(Side note : the username and roles are just testing, I'm not sure what I'm going to put there yet, I just want to see the token generate again)

 

This code not BadRequest errors on the pbliClient.EmbedToken.GenerateToken(tokenRequest); line

 

Does anyone have any ideas of where I'm going wrong? I'm new to PowerBi Embedding 

 

Thanks for your time,  

James

2 REPLIES 2
JamesMinton
Frequent Visitor

Thank you for your reply!

 

Any idea why I might be getting that BadRequest error though?

v-jianboli-msft
Community Support
Community Support

Hi @JamesMinton ,

 

With Row Level Security (RLS), the identity you use can be different from the identity of the service principal or master user you're using to generating the token. By using different identities, you can display embedded information according to the user you're targeting. For example, in your application you can ask users to sign in, and then display a report that only contains sales information if the signed in user is a sales employee.

If you're using RLS, you can sometimes leave out the user's identity (the EffectiveIdentity parameter). When you don't use the EffectiveIdentity parameter, the token has access to the entire database. This method can be used to grant access to users such as admins and managers, who have permission to view the entire dataset. However, you can't use this method in every scenario. The table below lists the different RLS types, and shows which authentication method can be used without specifying a user's identity.

Here is the considerations and limitation applicable to each RLS type.

Besides, you can find some examples here:  Embed Token - Generate Token - Examples| Microsoft Learn

 

For more details, please refer to:

Security in Power BI embedded analytics - Power BI | Microsoft Learn

 

Best Regards,

Jianbo Li

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Helpful resources

Announcements
September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

October NL Carousel

Fabric Community Update - October 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors