Hi @Sreekanth_B ,

If @Col_Mar  response has resolved your query, please mark it as the "Accepted Solution" to assist others. 

Thank you

Hi @Sreekanth_B ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet.do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Thank you.

Hi @Sreekanth_B ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet.do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Thank you.

Thanks for Reply, To be More Specifc to my question, Even application ADMINS should not able to see the confidential Data. How can we achive this.

It's not clear what you mean by an application admin that you don't want to see what you're sharing with business users.

* Workspace contributors, members, and admins will be able to see all the data -- they get read access to all content and RLS is not applied to those roles.

* Workspace viewers will be able to see the report, but RLS will be applied to them.

* Tenant Admins won't see the workspace in their list by default -- they would need to be added to the workspace for that content to appear for navigation in the UI.  *HOWEVER* -- they could go add themselves to the workspace in any role via the Tenant Administrator tools.  This will apply to any content in the tenant.  I don't think there's any real way to restrict this from tenant admins.  But most are too busy to go looking for workspaces to nose around in and most already have a lot of access to super secret, super sensitive, super confidential data.  If this is too sensitive to risk the tenant admin possibly getting access, then perhaps this isn't the right platform to share that data.

The path forward depends on if you already have a workspace that is appropriately provisioned for the intended users. 

* If no workspace with appropriate permissions exists, then you need to create a new one and only add the appropriate workspace users, or don't add any users to workspace and share the individual item with the specific people who should see it. 

* Very important is to not accidentally create a organizational link to the report by clicking on the "Share" icon for the report and blindly clicking through the prompts, or to inadvertently give users Reshare permissions.

*Give the workspace and the reports boring names to discouraging nosiness. 

*Make sure that it is not set as Discoverable in the settings.  

* Clearly mark the report as Confidential.  Maybe even have a landing page with no data that spells out that it's confidential ,with some verbiage that users should only proceed if they are authorized, and provide a link to a hidden drill-down page with the actual data.

* Consider reviewing the usage reports daily to confirm who is accessing the report.  You may be able to set this up on a subscription.