Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and a 50 percent discount on exams.
Get startedEarn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
Hey guys.
We are facing a difficulty when inviting external users into the organization and assigning access and respecting the RLS security of the PBI project.
When adding an email with your own domain
example@dominioprorios.com.br
The guest user manager changes the email to live.com#exemplo@dominioprorios.com.br. This means that the user is unable to access the project.
Solved! Go to Solution.
Hi, @ViniciusMiloch
Thanks for the reply from @lbendlin , please allow me to provide addititon:
The behavior you observe is part of how Microsoft handles external users who don't have existing Microsoft or Office 365 accounts. This process creates a Microsoft account associated with the original email, allowing external users to access the resources shared with it. This is expected behavior and should not itself block access to the project as long as the external user uses the email to complete the Microsoft account registration process.
The Invite external users to your organization feature is enabled in the Power BI admin portal. For more information, see Invite external users to your organization:
Export and sharing tenant settings - Microsoft Fabric | Microsoft Learn
Assign access and comply with RLS, assigning the Viewer role to external users in the workspace where RLS-protected content resides. This ensures that they can only see the data they are allowed to view.
Configure RLS in a Power BI Desktop file by defining roles and rules, and then publish it to the Power BI service. For more information about setting up RLS, visit Use row-level security (RLS) with Power BI:
Row-level security (RLS) in Power BI Report Server - Power BI | Microsoft Learn
How to Get Your Question Answered Quickly
Best Regards
Yongkang Hua
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi, @ViniciusMiloch
Thanks for the reply from @lbendlin , please allow me to provide addititon:
The behavior you observe is part of how Microsoft handles external users who don't have existing Microsoft or Office 365 accounts. This process creates a Microsoft account associated with the original email, allowing external users to access the resources shared with it. This is expected behavior and should not itself block access to the project as long as the external user uses the email to complete the Microsoft account registration process.
The Invite external users to your organization feature is enabled in the Power BI admin portal. For more information, see Invite external users to your organization:
Export and sharing tenant settings - Microsoft Fabric | Microsoft Learn
Assign access and comply with RLS, assigning the Viewer role to external users in the workspace where RLS-protected content resides. This ensures that they can only see the data they are allowed to view.
Configure RLS in a Power BI Desktop file by defining roles and rules, and then publish it to the Power BI service. For more information about setting up RLS, visit Use row-level security (RLS) with Power BI:
Row-level security (RLS) in Power BI Report Server - Power BI | Microsoft Learn
How to Get Your Question Answered Quickly
Best Regards
Yongkang Hua
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Add live.com#exemplo@dominioprorios.com.br to your RLS.