Power BI is turning 10! Tune in for a special live episode on July 24 with behind-the-scenes stories, product evolution highlights, and a sneak peek at what’s in store for the future.
Save the dateEnhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.
We display reports to users of our SaaS application by embedding them. The config to get the embed url uses a Service Principal.
For a time we have been using a JavaScript filter to filter report data based on a user's group. This is problematic because a user could potentially hack it and see other groups data.
We have attempted to implement Row Level Security (RLS) while getting the embed token using the code below.
Each user does not have a user account in AAD, so we want to use the Service Principal of the Enterprise Application registered in AAD that we use to get the access token for talking to the api.
Using the C# SDK no matter what username I put in to the EffectiveIdentity it returns a status code of 'Unauthorized'.
Have tried:
Has anyone else had experience with this and can give me an idea what value should be used for the username property?
var tokenRequest = new GenerateTokenRequestV2(
reports: new List<GenerateTokenRequestV2Report>() { new GenerateTokenRequestV2Report(reportId) },
datasets: datasetIds.Select(datasetId => new GenerateTokenRequestV2Dataset(datasetId.ToString())).ToList(),
targetWorkspaces: targetWorkspaceId != Guid.Empty ? new List<GenerateTokenRequestV2TargetWorkspace>() { new GenerateTokenRequestV2TargetWorkspace(targetWorkspaceId) } : null
);
tokenRequest.Identities = new List<EffectiveIdentity> {
new EffectiveIdentity("[Service Principal Object Id]"
// //,reports: new List<string>() { reportId.ToString() }
,datasets: datasetIds.Select(datasetId => datasetId.ToString()).ToList()
// ,roles: new[] { "CommunityAdmin" }
// //, customData:"0ea41e5e-13aa-4a15-8fdc-a7b152dfb089"
)
};
Solved! Go to Solution.
Hi @WayneT ,
As mentioned in this official documentation:
Applying user and role to an embed token
Best Regards
Hi @WayneT ,
As mentioned in this official documentation:
Applying user and role to an embed token
Best Regards
Check out the July 2025 Power BI update to learn about new features.
User | Count |
---|---|
6 | |
6 | |
3 | |
2 | |
2 |
User | Count |
---|---|
6 | |
5 | |
4 | |
4 | |
3 |