Starting December 3, join live sessions with database experts and the Microsoft product team to learn just how easy it is to get started
Learn moreGet certified in Microsoft Fabric—for free! For a limited time, get a free DP-600 exam voucher to use by the end of 2024. Register now
I need to build a Report Environment for an intranet website to embed Power BI reports for about 100++ users. I will implement Row-Level Security (RLS) so each user only sees their data, but I don't want to create individual Microsoft accounts for everyone. Users will authenticate through the intranet, like user will sign in to the website using his/her credentials and that credential should should match with RLS so he/she can see the report they are expecting to see.
I'm thinking of getting the Power BI Embedded license for report sharing. But I'm unsure about how I can execute the development portion.
Any advice on best practices for RLS implementation in this scenario, especially regarding the development part, properly embedding the report? Also, any tips on minimizing costs while leveraging existing Power BI Premium Per User (PPU) licenses would be greatly appreciated! Open to collaboration and any insights from similar projects.
Thanks!
Hi @Cortana ,
Please refer this -
https://learn.microsoft.com/en-us/power-bi/developer/embedded/cloud-rls
https://skypoint.ai/blog/row-level-security-with-power-bi-embedded-using-mvc/
If you want to save some money then you can check with your power bi tenant admin or your IT department if any one owns premium capacity in your tenant.You can contact them if they are not fully using their premium capacity then there are chances they will allow you to move your workspace to their capacity and they will cross charge some amount based on users or utilisation.
I hope it will be helpful.
Thanks,
Sai Teja
Hi @Cortana - Since you're looking to support around 100+ users and don’t want to assign each one a Power BI license, a Power BI Embedded (EM or A SKU) would be the right choice. Power BI Embedded allows you to embed reports in web applications for users who don’t have Power BI accounts.
By following these steps, you can build a secure and scalable reporting environment with Power BI, optimized for an intranet setup without needing Microsoft accounts for all users. Let me know if you’d like more details on any specific part!
reference links:
Security in Power BI embedded analytics - Power BI | Microsoft Learn
Use row-level security with token based identities - Power BI | Microsoft Learn
Managing authentication and authorization for Power BI Embedded | Microsoft Learn
Proud to be a Super User! | |
Thank you.
I was actually looking an insight on this question, "how to especifically link my intranet authentication system with RLS within Power BI?"
Hi @Cortana -In Power BI Desktop, create roles for your dataset based on user-specific filters, such as UserID or Department.
For example, if each user should only see data associated with their UserID, define an RLS role that filters records based on the logged-in user's identifier.
Use the [UserPrincipalName()] DAX function to dynamically filter data based on the current user's identity.
2. Publish and Configure RLS in Power BI Service
Publish your report with RLS roles to the Power BI Service.
In the Power BI Service, verify that RLS roles are correctly applied and working as expected.
Test RLS by assigning a sample user and ensuring that only the intended data is visible for that user.
3. Since you’re using an intranet authentication system, the typical approach involves implementing a Secure Embed method using app tokens.
After users authenticate on the intranet, generate a Power BI Embed Token. This token should include the RLS role and user-specific information to restrict data access accordingly.
Azure AD B2C or another identity provider can help facilitate this if you're using OpenID Connect or OAuth2 for your intranet login. You would use Azure AD to authenticate the intranet user, then pass this authentication context when generating the Power BI embed token.
Please check below link for more details of embed
Security in Power BI embedded analytics - Power BI | Microsoft Learn
Proud to be a Super User! | |
Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount! Early Bird pricing ends December 9th.
User | Count |
---|---|
33 | |
32 | |
19 | |
12 | |
8 |
User | Count |
---|---|
52 | |
37 | |
29 | |
14 | |
12 |