We have an API that looks a bit like this: https://ourapi.com/stores/[STOREID]/customers. We want to secure the API against Azure AD. All our report users are in our Azure AD. We have a "Role" defined per store and we use that for Row Level Security in the report.
I am not very familiar with PowerBI but it looks like I could add the API as a "Web" DataSource and then break the API URL down into parts with the STOREID being a separate part. It looks like I should be able to populate the STOREID part with a parameter.
1. Is it correct to use Web data source and Url parts with parameters?
2. Assuming it is correct to use parameters with a web data source, how do I get the report user's defined store into that parameter?
3. When the call to the API is made how do we ensure it is an authenticated call?
Hi @PatLong ,
To get started, you need to connect to your API from Power BI Desktop to start building your queries.
Users can get data by inputting parameters through a template application in the service, but RLS cannot be applied in the service.
https://docs.microsoft.com/en-us/power-bi/connect-data/service-template-apps-create
Another method is to apply dynamic RLS in a report with the whole dataset.
https://radacad.com/dynamic-row-level-security-with-power-bi-made-simple
Best Regards,
Liang
If this post helps, then please consider accepting it as the solution to help the other members find it more quickly.
Sorry it has taken me so long to reply to this. We are a small team doing multiple jobs.
I need to better understand what I believe are two options you have suggested.
1. Apply dynamic RLS in a report with the whole dataset. If I understand this correctly this would mean our API would return a response with customer data across stores and then we would rely on PowerBI to filter data using RLS. Is that a correct understanding?
2. Create a "template application" that would allow users to change parts of the API service URL via parameters? Is that a correct understanding?
Assuming I have understood both your suggested options then neither work for us. Option 1 is exposing data to too wide an audience via a REST API just so we can have the client (PowerBI) "secure" that access with filtering.
Option 2 doesn't work either because it is relying on users changing the URL with a template application. I don't know much about template applications but it seems like a big change when all I want to do is call a REST API and WITHIN the REST API know the Azure AD identity of the report user. Note I am not trying to apply PowerBI's RLS within our API but I do want to get at the calling user's identity.
Is this not possible?
We need the
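The server-side check the last post asks for, as an added example (not code from the thread or from Microsoft). It assumes the API receives an Azure AD access token for the report user, that a JWT library has already verified its signature and issuer, and that each store maps to a hypothetical app role named `Store.<STOREID>` in the token's `roles` claim; the audience value and sample claims are constructed.

```python
import re
import time

# All values below are constructed for illustration; none come from the thread.
EXPECTED_AUDIENCE = "api://example-stores-api"  # hypothetical App ID URI
ROLE_PREFIX = "Store."                          # hypothetical naming: Store.<STOREID>
ROUTE = re.compile(r"/stores/([A-Za-z0-9_-]{1,32})/customers/?")

SAMPLE_CLAIMS = {
    "aud": EXPECTED_AUDIENCE,
    "exp": 2000,
    "oid": "00000000-0000-0000-0000-000000000001",
    "roles": ["Store.12"],
}


def authorize(path, claims, now=None):
    """Return (http_status, reason) for a call to /stores/<id>/customers.

    `claims` is the payload of a token that was already signature- and
    issuer-validated upstream; this function only decides access.
    """
    now = time.time() if now is None else now
    if not isinstance(claims, dict):
        return 401, "no validated token"
    if claims.get("aud") != EXPECTED_AUDIENCE:
        return 401, "token was issued for a different audience"
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return 401, "token expired"
    match = ROUTE.fullmatch(path)
    if match is None:
        return 404, "unknown route"
    roles = claims.get("roles")
    if not isinstance(roles, list):
        roles = []  # deny by default when the claim is absent or malformed
    # Exact match only: a role for store 12 must not open store 123.
    if ROLE_PREFIX + match.group(1) not in roles:
        return 403, "caller holds no role for this store"
    return 200, "allowed for user " + str(claims.get("oid"))


if __name__ == "__main__":
    for p in ("/stores/12/customers", "/stores/123/customers"):
        print(p, authorize(p, SAMPLE_CLAIMS, now=1000))
```

The store id comes only from the URL and the entitlement only from the token, so a report-side parameter change cannot widen what the API returns.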