Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join us for an expert-led overview of the tools and concepts you'll need to become a Certified Power BI Data Analyst and pass exam PL-300. Register now.

Reply
LucaVivian
New Member

RLS and API

‎12-17-2019 04:43 AM

How can i get via api the role level security list associated to a dataset?

We have dozens of datasets and we would like to build a report that lists the RLS of the datasets; doing it manually is impossible.

2019-12-17_134007.png

Labels:
Message 1 of 5
2,177 Views
0
4 REPLIES 4
Anonymous
Not applicable

‎01-02-2020 12:04 AM

HI @LucaVivian ,

I'd like to suggest you write a complex RLS role with multiple conditions and username to achieve dynamic RLS(you can add a custom column to store 'query table source' for advanced conditions RLS filter).

After these steps, you only need to configure a security group for your users and assign the RLS role to this group to enable RLS filter. (I think these should help to reduce the workload of assign roles to users from dozens of RLS roles)

RLS with UserName() 

Row-level security (RLS) with Power BI#add-members 

You can add a member to the role by typing in the email address, or name, of the user, security group or distribution list you want to add. You cannot add Groups created within Power BI. You can add members external to your organization.

Regards,

Xiaoxin Sheng

Message 2 of 5
2,122 Views
0
LucaVivian
New Member
In response to Anonymous

‎01-09-2020 02:44 AM

Ciao @Anonymous ,

thanks for your answer, but the problem is not how to assign RLS but monitoring, perhaps with a dashboard, how and whom RLS are assigned.
For Example, my Internal Audit could ask: "which security rules are applied to the XYX group?"

Message 3 of 5
2,076 Views
0
mattLA
New Member
In response to LucaVivian

‎09-22-2022 04:03 AM

Hi did you get an answer to this - be interested to see where you got to.
You can do SSAS models (the XMLA I guess) using dynamic management views and I've done this for a SSAS model - I'm looking for how I apply this to a non-SSAS model (i.e. PBIX file loaded up to create the dataset/RLS).

 

 

Link here to get launched on DMVs:

https://learn.microsoft.com/en-us/analysis-services/instances/use-dynamic-management-views-dmvs-to-m...

 

Message 5 of 5
868 Views
0
Anonymous
Not applicable
In response to LucaVivian

‎01-13-2020 02:12 AM

Hi @LucaVivian ,

After you add a group field into your user table, it will group users based on group fields. (notice: RLS filter should be applied to group field instead of username field)
So if users(A,B,C,D) are in group 'XYZ', after RLS filter enabled, they can view all XYZ group members' records. (RLS will use current username to find out the corresponding group and apply the filter to other tables based on group member usernames and relationship mapping)

If you still require more complex security manage, you can also add more tables and links to user table to enable higher-level RLS filter. (it will increase the complexity of RLS filter expressions)
For example:
Each user has his 'use role'(employee, leader, group manager, admin) and group, it will apply RLS filter based on the group and its role level. (employ: current user, leader: user and his employee, group manager: all users of current group, admin: all group users)
Regards,

Xiaoxin Sheng

Message 4 of 5
2,033 Views
0

Helpful resources

Announcements
Join our Fabric User Panel

Join our Fabric User Panel

This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.

June 2025 Power BI Update Carousel

Power BI Monthly Update - June 2025

Check out the June 2025 Power BI update to learn about new features.

June 2025 community update carousel

Fabric Community Update - June 2025

Find out what's new and trending in the Fabric community.

View All