Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

We've captured the moments from FabCon & SQLCon that everyone is talking about, and we are bringing them to the community, live and on-demand. Starts on April 14th. Register now

Julius_Henderso

Not Supporting SSO for Dataflows Introduces a Security Issue

Submitted by on ‎06-05-2024 08:44 AM

Dataflows (both Gen 1 and Gen 2) do not support SSO. Unfortunately it simply bypasses SSO, allowing the user to see what the Power BI / Fabric Connection service account has for access. This bypasses security controls and introduces a significant security issue. Please address this issue. Options include:


  1. Updating your documentation to state that Dataflows bypass the SSO option of your Connection completely.
  2. Make it so if a Dataflow sources a Connection with the SSO option it errors or fails, instead of silently bypassing it.
  3. Making SSO work with Dataflows.
  4. Allow for Dataflow only Connections.
Status: New
See more ideas labeled with:
2 Comments (2 New)
Comments
agustin_martin
New Member
‎11-05-2024 12:35 AM

They addressed it by stating in the documentation that only semantic models support sso.


It's quite baffling how Microsoft can promote Dataflows as the solution for reuse and efficiency while ommiting this glaring security issue.

Having the enterprise Gateway ignore sso for dataflows effectively removes any security control for analysts using anything except semantic models.


As it stands, it seems that Microsoft currently does not have a solution for enterprise scenarios where you need:

  • Efficient acces to on-prem data
  • Access control (security)

Which seem to me quite basic requirements for any data enterprise aspiring solution.

fbcideas_migusr
New Member
‎02-25-2025 12:16 PM
Status changed to: New