Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
JohnFraser
New Member

RLS - external roles

‎01-14-2024 07:01 PM

Hi all,

first post so deep breath!

 

We are running a module as SaaS in Azure and I've designed a Power BI report and published it to a test workspace, then provided a walkthrough for one of our customers before I drop the work into the team to prep it for production. The customer raised an understandable question, can we restrict visibility of the data to certain roles? As an overview, we use Identity Server 4, which supports whatever authenticator the customer wants to use, and they are capable of creating any number of "roles" that are needed. As the SaaS vendor, I don't know what they are, nor do I really want to care, they need to be able to create new roles and say these roles get to see data with codes 123, 456 & 789, the codes form a column in the report.

 

My question now is one of how do I dynamically support them creating roles in whatever their authenticator is and a set of codes that role has visibility to and then apply that role to the report, is there a method of passing the list of codes in from the page where the report is embedded and have RLS say (DAX like) Where code in (<array of codes>)? Or am I trying to explore the limit of what RLS can do?

<edit fix some layout & spelling>

 

Cheers

John

Message 1 of 2
215 Views
0
1 ACCEPTED SOLUTION
v-xiandat-msft
Community Support
Community Support

‎01-15-2024 06:00 PM

Hi @JohnFraser ,

For your requirements, dynamic RLS can be satisfied, first when creating a role in a Power BI report, write DAX as the user's username(), so that each user can find the corresponding user based on their own UPN, and then impose restrictions on it.

Below is the official link could help you:

Row-level security (RLS) with Power BI - Power BI | Microsoft Learn

Best Regards,

Xianda Tang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Message 2 of 2
154 Views
0
1 REPLY 1
v-xiandat-msft
Community Support
Community Support

‎01-15-2024 06:00 PM

Hi @JohnFraser ,

For your requirements, dynamic RLS can be satisfied, first when creating a role in a Power BI report, write DAX as the user's username(), so that each user can find the corresponding user based on their own UPN, and then impose restrictions on it.

Below is the official link could help you:

Row-level security (RLS) with Power BI - Power BI | Microsoft Learn

Best Regards,

Xianda Tang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 2 of 2
155 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All