Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.

Reply
Elisa_Costanza
Helper I
Helper I

How to embed a Power BI report into a web application

‎07-01-2025 03:08 AM

Hi everyone,
I'm asking for some help to understand how to embed a Power BI report into a web application that the development team is building for the client.

I'm currently working on a Power BI report that will later be embedded into the client's web application (so it will be private, not public).

What do I need to do on the Power BI side to allow the report to be embedded?

Please note:

- The website is accessed through Single Sign-On (SSO).

- We have capacity premium.

- Users will already be logged into the web application.

- They should be able to view the report as soon as they click on the "Dataplatform" section.

 

Thank you very much for your support!

Labels:
Message 1 of 8
616 Views
1 ACCEPTED SOLUTION
Poojara_D12
Super User
Super User

‎07-04-2025 09:18 PM

Hi @Elisa_Costanza 

To embed a Power BI report securely into a private web application—especially one that uses Single Sign-On (SSO) and where users should view the report seamlessly—you’ll want to use Power BI’s "user owns data" or "app owns data" embedding model, with the "app owns data" model being the right fit in most enterprise cases like yours. Since you mentioned that the client has Power BI Premium capacity, you're well-positioned to use the Power BI REST APIs and service principals for scalable, secure embedding without requiring individual user Power BI Pro licenses.

 

Here’s how it works in practice:

 

Set up Azure AD and Register an Application: First, register your web application in Azure Active Directory (Azure AD) to obtain a client ID, client secret, and define permissions (e.g., Report.Read.All, Dataset.Read.All). This app will authenticate via OAuth 2.0 to generate embed tokens.

 

Use a Service Principal for Backend Authentication: Since users are already authenticated in your web app via SSO, you can use their identity or roles to determine access logic, but the actual Power BI interaction is done via a service principal. This avoids requiring each user to have a Power BI account.

 

Configure Workspaces and Reports: Make sure the Power BI report is published into a workspace that is hosted on Premium capacity. Grant the Azure AD service principal access to that workspace with at least Viewer or Contributor permissions.

 

Generate Embed Tokens: In your backend, use the Power BI REST API to generate an embed token for the report. This token securely grants the front-end user access to the report based on the roles and dataset access you define. The token is passed to the frontend where Power BI JavaScript SDK loads the report.

 

Embed with JavaScript SDK: In the front-end of the web application, use the Power BI JavaScript SDK (powerbi-client) to render the report inside an iframe or component. The user will see the report as soon as they enter the "Dataplatform" section, using the embed token issued from the backend.

 

Row-Level Security (Optional): If users should see only a subset of data, implement Row-Level Security (RLS) in your dataset and pass the effective identity of the user when generating the embed token (e.g., their email or role from your SSO system).

 

Did I answer your question? Mark my post as a solution, this will help others!
If my response(s) assisted you in any way, don't forget to drop me a "Kudos"

Kind Regards,
Poojara - Proud to be a Super User
Data Analyst | MSBI Developer | Power BI Consultant
Consider Subscribing my YouTube for Beginners/Advance Concepts: https://youtube.com/@biconcepts?si=04iw9SYI2HN80HKS

View solution in original post

Message 7 of 8
384 Views
0
7 REPLIES 7
Poojara_D12
Super User
Super User

‎07-04-2025 09:18 PM

Hi @Elisa_Costanza 

To embed a Power BI report securely into a private web application—especially one that uses Single Sign-On (SSO) and where users should view the report seamlessly—you’ll want to use Power BI’s "user owns data" or "app owns data" embedding model, with the "app owns data" model being the right fit in most enterprise cases like yours. Since you mentioned that the client has Power BI Premium capacity, you're well-positioned to use the Power BI REST APIs and service principals for scalable, secure embedding without requiring individual user Power BI Pro licenses.

 

Here’s how it works in practice:

 

Set up Azure AD and Register an Application: First, register your web application in Azure Active Directory (Azure AD) to obtain a client ID, client secret, and define permissions (e.g., Report.Read.All, Dataset.Read.All). This app will authenticate via OAuth 2.0 to generate embed tokens.

 

Use a Service Principal for Backend Authentication: Since users are already authenticated in your web app via SSO, you can use their identity or roles to determine access logic, but the actual Power BI interaction is done via a service principal. This avoids requiring each user to have a Power BI account.

 

Configure Workspaces and Reports: Make sure the Power BI report is published into a workspace that is hosted on Premium capacity. Grant the Azure AD service principal access to that workspace with at least Viewer or Contributor permissions.

 

Generate Embed Tokens: In your backend, use the Power BI REST API to generate an embed token for the report. This token securely grants the front-end user access to the report based on the roles and dataset access you define. The token is passed to the frontend where Power BI JavaScript SDK loads the report.

 

Embed with JavaScript SDK: In the front-end of the web application, use the Power BI JavaScript SDK (powerbi-client) to render the report inside an iframe or component. The user will see the report as soon as they enter the "Dataplatform" section, using the embed token issued from the backend.

 

Row-Level Security (Optional): If users should see only a subset of data, implement Row-Level Security (RLS) in your dataset and pass the effective identity of the user when generating the embed token (e.g., their email or role from your SSO system).

 

Did I answer your question? Mark my post as a solution, this will help others!
If my response(s) assisted you in any way, don't forget to drop me a "Kudos"

Kind Regards,
Poojara - Proud to be a Super User
Data Analyst | MSBI Developer | Power BI Consultant
Consider Subscribing my YouTube for Beginners/Advance Concepts: https://youtube.com/@biconcepts?si=04iw9SYI2HN80HKS
Message 7 of 8
385 Views
0
Elisa_Costanza
Helper I
Helper I
In response to Poojara_D12

‎07-07-2025 01:28 AM

Thanks @Poojara_D12 . You were very clear and precise. I wanted to ask you more about the RLS. Each user can only see certain information that interests them. I was thinking of setting the security directly in the SQL Views (created specifically for reporting in Power BI). Can I use this solution? instead of using the RLS directly on Power BI?

Message 8 of 8
324 Views
0
v-sdhruv
Community Support
Community Support

‎07-02-2025 03:13 AM

Hi @Elisa_Costanza ,

Apart from following the documentation shared which gives detailed explaination you can also follow these checks to embed the report-

1. Set Up Power BI Service and Workspace-Ensure that your Power BI report is published to a workspace that has the necessary permissions and premium capacity.

2. Configure Permissions-Assign the necessary permissions to the service principal or application that will be accessing the Power BI report.

3.Embed the Report- Use the Power BI Embedded API to embed the report into your web application. This involves generating an embed token that provides the necessary permissions for users to view the report. The embed token is generated using the Power BI REST API and should be securely passed to the client application.

4. Handle Authentication and SSO- Since your web application uses Single Sign-On (SSO), ensure that the authentication flow is correctly implemented.

5.Integrate with Web Application- Embed the Power BI report into your web application using the Power BI JavaScript SDK. This SDK allows you to integrate the report and handle interactions such as filtering, refreshing, and navigating within the report.

Also, please refer for step-by-step guide.

Embed a report in a secure portal or website


Hope this helps!
If the response has addressed your query, please accept it as a solution so that other members can easily find it.
Thank you.

Message 6 of 8
528 Views
lbendlin
Super User
Super User

‎07-01-2025 02:16 PM

The documentation is pretty exhaustive

 

Power BI embedded analytics overview - Power BI | Microsoft Learn

Message 2 of 8
574 Views
0
Elisa_Costanza
Helper I
Helper I
In response to lbendlin

‎07-03-2025 12:54 AM

Thank you for te documentation. Seems that the solution for my task is "Embed for your organization". I would like to understand whether this option can actually be applied in my scenario. Is it compatible with a Premium workspace capacity? Because in the detail I read this:

Elisa_Costanza_0-1751529248933.png

and then, can I apply security at the database level, for example by setting roles directly in the view through SQL Server?

Message 3 of 8
479 Views
0
lbendlin
Super User
Super User
In response to Elisa_Costanza

‎07-03-2025 07:51 AM

yes, this works on P and F SKUs

Message 4 of 8
458 Views
0
Elisa_Costanza
Helper I
Helper I
In response to lbendlin

‎07-07-2025 01:30 AM

Thanks @lbendlin . You were very precise 🙂

Message 5 of 8
324 Views
0

Helpful resources

Announcements
July PBI25 Carousel

Power BI Monthly Update - July 2025

Check out the July 2025 Power BI update to learn about new features.

Join our Fabric User Panel

Join our Fabric User Panel

This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.

June 2025 community update carousel

Fabric Community Update - June 2025

Find out what's new and trending in the Fabric community.

View All