Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now
Solved! Go to Solution.
@kkalyanrr Yes you can do that, but be aware that anything using Publish to Web is accessible by anyone. Just because you stick the embedded piece behind SharePoint doesn't mean its secure. It's the embed URL that is discoverable.
Hi @kkalyanrr,
The @Seth_C_Bauer reply is perfect. Please mark the right and helpful reply as answer. More people will benefit from here.
Best Regards,
Angelia
@kkalyanrr Yes you can do that, but be aware that anything using Publish to Web is accessible by anyone. Just because you stick the embedded piece behind SharePoint doesn't mean its secure. It's the embed URL that is discoverable.
When you say discoverable what exactly do you mean. Dont you have to be provided the url including the embed code? People on the internet can't stumble upon it right?
@admiralman When you use Publish to Web, I am stating that anyone on the internet can stumble upon it. Obviously with a bit more effort, but yes, you are essentially exposing your company data to the world using this method. It is only for use with public information, any other use is exposing private information publically.
@Seth_C_Bauer I would have to disagree with the reference to "stumbling on it". To access my Outlook.com email account you wouldn't necessarily stumble upon my username and password any more than you would stumble upon an embed code such as this "eyJrIjoiYWQzOWI5YTctYzAyYy00NzJlLTk1NTUtMzU0YmRhYWVhYTMzIiwidCI6IjNhMTcyM2I5LTgxMzItNDUwNi1iNmNkLTgxOWYxN2MwZGExZCIsImMiOjZ9". I believe it would take more effort to decipher the correct embed code than it would to hack most accounts. Am I missing something? Is there another way that one would stumble upon the embed code?
@admiralman Ok. "Stumble upon" is not the correct term. If someone is up to no good, it is a trivial amount of work to discover these URL's. If you've watched any presentation on the subject you will soon realize that the URL's all follow the same structure except for one part. There is a reason that there is a giant warning on the article which describes this functionality here
The nuts and bolts is this: If you are using "stumble upon" as a justification for exposing your company data despite all the warnings, then that's up to you. But understand that you are in essence risking your companies private information when you use this, I don't know how much more clear anyone can make this for you.
@Seth_C_Bauer I didnt realize that the construct of the embed codes were that way and assumed they were randomly generated. Many people in these forums have claimed that the only way to access these reports was to have the link thus I assumed they were secure up to that point. I have seen the warning message and based upon my prior assumptions I thought that when I saw "can be viewed by anyone on the Internet" it meant that it could as long as I gave them the link. There is a lot confusion on this subject even within this forum. I appreciate your clarification on this.
Check out the October 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.