Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join us at FabCon Atlanta from March 16 - 20, 2026, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM. Register now.

Reply
Anonymous
Not applicable

How to set data access in powerbi because Row level security only work in web not work for localfile

‎03-19-2020 10:15 PM

Dear Every one

My company have 34 properties (34 hotels). We user SAP ERP to record accounting entry for all these properties. Our accounting data is centrailized and stored on Amazon cloud.

 

Our policy do not allow each property can see data of other property because business confidential information.

 

Before, we use SAP BI and end user at 34 property is established data area they can access when they sign in to SAP BI. But I can not do that on PowerBI. PowerBI only support Row level security on webservice. User can not be set up to download report in Powerbi because if they have "contributor" role on workspace, they can download report in term of pbix file and they can see all data of other property. The reporter at all property complain so much about which they can not access to their own data to make report by themselve and want to have something like SAP BI can do.

 

It is important that it is nightmare and go against with data storage development of human if we seperate our centralized data only due to funtion of powerbi can not make authorization to data source l

 

How can you help me becuase

Labels:
Message 1 of 6
1,389 Views
0
5 REPLIES 5
Anonymous
Not applicable

‎03-22-2020 08:07 PM

HI @Anonymous,

For power bi dataset RLS, it only works on read-premises users. (notice: build and edit permissions will ignore RLS filter effect)

Row-level security (RLS) with Power BI 

Download a report from the Power BI service to Power BI Desktop (Preview) 
Maybe you can consider to parameterize your connection string with query parameters and setting filters based on these parameters or enabled RLS on your data source side based on credentials.

Deep Dive into Query Parameters and Power BI Templates 

Using the Power BI Service Parameters to change connection strings (To possibly change between Dev  

Regards,
Xiaoxin Sheng

Message 4 of 6
1,330 Views
0
Anonymous
Not applicable
In response to Anonymous

‎03-27-2020 07:21 PM

Hi @Anonymous 

Parameter is not good solution, because if user can dowload report to make another report by themselves, they can change value in parameter if they have knowledge about parameter => The data security is not meet as requirement that each user can not see other user data.

Do you have any way to set paramater by username (Like Dax funtion Usernameprinciple)?

If paramter can recognize user login to system the problem will be solved

Message 5 of 6
1,298 Views
0
Anonymous
Not applicable
In response to Anonymous

‎04-01-2020 02:00 AM

HI @Anonymous,

Unfortunately, current it does not contain username functions in query parameter.
Perhaps you can consider setting RLS on your data source side and enabled SSO to use the personal credentials to access to datasource.

Manage data sources 

Regards,

Xiaoxin Sheng

Message 6 of 6
1,255 Views
0
TomMartens
Super User
Super User

‎03-19-2020 11:41 PM

@Anonymous 

 

you need more than one workspace.

 

Create a workspace "Central" that contains the dataset provide row level security to all the users you want

for example provide

access to user a and user b to property 1
access to user c to property 2

 

Provide build permission to the dataset (https://docs.microsoft.com/en-us/power-bi/service-datasets-build-permissions)

user a, b , c

 

Create a workspace for each property, assign the users accordingly as admin, member, contributor

 

This will allow you to have one data model, that can be used in a really self-service bi way and still meet your data governance requirements.

 

Regards,

Tom



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany
Message 2 of 6
1,371 Views
0
Anonymous
Not applicable
In response to TomMartens

‎03-20-2020 12:19 AM

Dear TomMartens,

 

What is different between one workspace with many workspace.

The problems here is that User a,b,c can not assign contributior role in workspace, because if they get permission, they can download report in term of pbix file and can see every data on the table in powerbi report of other property. We use one table for all property.

Row level security do not work on local file. End user want to make report by themselve base on report we have provide to them.

Message 3 of 6
1,365 Views
0

Helpful resources

Announcements
October Power BI Update Carousel

Power BI Monthly Update - October 2025

Check out the October 2025 Power BI update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All