Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Next up in the FabCon + SQLCon recap series: The roadmap for Microsoft SQL and Maximizing Developer experiences in Fabric. All sessions are available on-demand after the live show. Register now

Reply
rnehrboss
Helper II
Helper II

embedded javascript security risk question

‎06-03-2022 08:59 PM

Hi,

I've gotte embedding with a capacity working.

I check to see what user is logged in and create a filter to pass through the javascirpt API.

Power BI works great shows charts with filtering etc.

 

I'm now concerned about the security implications.

If I load the page and then view page source, I see the javasciprt with the access and embed tokens, as well as my filters. 

It seems like someone had access to the page, they could just take the page source, and change filters and create a new page that would give them access to other data (not allowed based on their own filters).

 

Am I missing something?  

I don't want to use Row Level Security, because we manage users and persmissions in web app.

 

Thanks!

 

Message 1 of 3
768 Views
0
2 REPLIES 2
v-chenwuz-msft
Community Support
Community Support

‎06-06-2022 08:12 PM

Hi @rnehrboss ,

 

The problem is that different users will get the same token. For the dataset, the kind of data it can give to the user is based on the token.

 

If you want different users to get different tokens with different permissions, then there are only two ways to do that according to the official documentation.

 

For more details, you can refer this link.

Generate an embed token in Power BI embedded analytics - Power BI | Microsoft Docs

 

Best Regards

Community Support Team _ chenwu zhu

 

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

 

Message 3 of 3
659 Views
0
rnehrboss
Helper II
Helper II

‎06-04-2022 01:13 PM

anyone knowlegable on this?

Message 2 of 3
712 Views
0

Helpful resources

Announcements
New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

Join our Fabric User Panel

Join our Fabric User Panel

Share feedback directly with Fabric product managers, participate in targeted research studies and influence the Fabric roadmap.

March Power BI Update Carousel

Power BI Community Update - March 2026

Check out the March 2026 Power BI update to learn about new features.

View All