Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Compete to become Power BI Data Viz World Champion! First round ends August 18th. Get started.

Reply
ribisht
Helper I
Helper I

Implement RLS in Power BI Using Application-Level Authentication

‎08-04-2025 11:41 PM
 
Current State : Power BI static url(embeded in the application) is provided in the application and they manual do pivot for the restricted data and place it in shared drive
 
Expected: Have to perform the RLS in powerbi not with the user created in Microsoft have to capture the application user login and filter the data accordingly
 
Background :
Our assure application has two layers of authentication: an application user login, not MS Entra or SSO, and IP address restriction by FI tenant registration, and sometimes per user if they are unable to route requests through their proxy server or from within their registered network IP range. All our Assure application’s requests to external resources leverage either Azure managed identity or user credentials stored in Azure key vault. Our requests include FI tenant and application user identification values to verify and filter access to data.
 
 
Labels:
Message 1 of 3
157 Views
0
1 ACCEPTED SOLUTION
rohit1991
Super User
Super User

‎08-05-2025 12:02 AM

Hi @ribisht 

 

To implement RLS with application-level authentication (not using Microsoft user accounts), you should use Power BI embedding for service principals. First, assign RLS roles to the dataset in Power BI Desktop and publish it. Then, when generating the embed token in your application, pass the appropriate username as an effective identity in the token request. Power BI will apply RLS based on that username. This way, your app controls what data the user sees using its own authentication logic, while Power BI enforces RLS behind the scenes. No manual pivot or shared drives are needed once setup is complete.


Did it work? ✔ Give a Kudo • Mark as Solution – help others too!

View solution in original post

Message 2 of 3
138 Views
0
2 REPLIES 2
v-tsaipranay
Community Support
Community Support

‎08-05-2025 09:25 PM

Hi @ribisht ,

Thank you for reaching out to the Microsoft fabric community forum. Also thank you @rohit1991 , your suggested method is correct for enabling RLS with application-level authentication in Power BI Embedded.

In adition to that,here are a few points need to consider:

  • This method requires a workspace in Power BI Premium capacity, as embedding with a service principal isn’t supported with Pro licenses.
  • The identity string provided via EffectiveIdentity must match the format used in your RLS setup, usually through USERNAME() or USERPRINCIPALNAME() in the role definitions.
  • Your application must handle user authentication and map users to the correct identity string, since Power BI only enforces RLS based on the embed token and does not perform authentication itself.

Once configured, this approach provides secure and dynamic data access based on your app’s user model, without manual data pivots or shared storage.

Hope this helps. Please reach out for further assistance.

 

Thank you.

Message 3 of 3
98 Views
0
rohit1991
Super User
Super User

‎08-05-2025 12:02 AM

Hi @ribisht 

 

To implement RLS with application-level authentication (not using Microsoft user accounts), you should use Power BI embedding for service principals. First, assign RLS roles to the dataset in Power BI Desktop and publish it. Then, when generating the embed token in your application, pass the appropriate username as an effective identity in the token request. Power BI will apply RLS based on that username. This way, your app controls what data the user sees using its own authentication logic, while Power BI enforces RLS behind the scenes. No manual pivot or shared drives are needed once setup is complete.


Did it work? ✔ Give a Kudo • Mark as Solution – help others too!
Message 2 of 3
139 Views
0

Helpful resources

Announcements
August Power BI Update Carousel

Power BI Monthly Update - August 2025

Check out the August 2025 Power BI update to learn about new features.

August 2025 community update carousel

Fabric Community Update - August 2025

Find out what's new and trending in the Fabric community.

View All