The ultimate Microsoft Fabric, Power BI, Azure AI, and SQL learning event: Join us in Stockholm, September 24-27, 2024.
Save €200 with code MSCUST on top of early bird pricing!
Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
When embedding a report with dynamic binding using the Embed Token - Generate Token endpoint, there doesn't appeat to be any way to restrict a user from calling the 'Save As' menu option.
It is possible to hide the menu option in the configuration options, however I wouldn't consider browser code secure, and a malicious user could change this configuration and create resources in Power BI service. I want to prevent them from doing this.
Unlike the similar endpoints for reports (Embed Token - Reports GenerateTokenInGroup), there is no field allowing you to specify 'allowSaveAs' on the token. I've tried using the Embed Token - Reports GenerateTokenInGroup endpoint and setting a dataset ID but this results in 403 forbidden errors.
Hi @jjgray-sl ,
If you're using the Generate token for multiple reports, datasets, and target workspaces API, use the allowEdit parameter to grant the user viewing and editing permissions.
For more details, please refer to;
Generate an embed token in Power BI embedded analytics - Power BI | Microsoft Learn
Best Regards,
Jianbo Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
We've tried this. Unfortunately setting the 'allowEdit' field to false only prevents the user from using the 'save' functionality on the report. They are still able to 'save as'. This behaviour seems strange to me, but it seems to be what I'm seeing
Best regards,
JJ Gray
Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.
Check out the August 2024 Power BI update to learn about new features.
User | Count |
---|---|
12 | |
2 | |
1 | |
1 | |
1 |