Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now
Hi All,
We have lot of confusion/issues while trying to implement RLS in PBI.
we created role in PBI Desktop and published the file to service in an app workspace.
So, for a member of app workspace who has only view rights do we have to first share the report to the member and also add security? Will RLS work only in this case?
We really need to understand RLS in below mentioned perspectives:
1. RLS in power BI service
2. RLS In app worksapce in service
3. RLS in embedded
We need to know all the rules, prerequisites, steps for the above mentioned topics. Please guide to any articles that might help throughly on this.
Hi @Anupatil@Anonymous,
1. In Power BI desktop, we create a RLS role, after saving the report and publishing to Power BI service, we need go to Security tab of the dataset and add users as members of this role. Depends on the report stored location, we might need to do another action:
If the report is stored in My Workspace, we can share the report or related dashboard with these users, they will see corresponding data based the role he/she belong to.
If the report is stored in a app workspace, as long as the users are this app workspace view only members, they can view the report and dashboard with role filtered.
Reference: https://docs.microsoft.com/en-us/power-bi/service-admin-rls
2. When we use Power BI embedded to view report, if we're embedding for non-Power BI users (app owns data), we need to follow this article: https://docs.microsoft.com/en-us/power-bi/developer/embedded-row-level-security
While if we are embedding for Power BI users (user owns data), we needn't to do anything in the app, just set RLS as mentioned in the first point above in the same way.
Best Regards,
Qiuyun Yu
Hi Qiuyun,
Just want to add on one more question:
is is possible to have another set of super user having the edit right in the app workspace (e.g. they will be able to edit content, create new reports etc) while maintaining the usage of RLS for the rest of the users with view permission only.
Understant that currently if we have configured the app workspace so that members have edit permissions, the RLS roles will not be applied to them.
Thank you.
Hi there
Currently when a user is a member of an App Workspace they can see all the content and RLS will not be applied.
RLS will apply to a user if a report, dashboard or app is shared with them.
With regards to embedding Power BI, this will be controlled via the embedding application which will then pass a token (which is actually a user) which will then return the RLS
Finally I have a blog post on how to implement this.
Facing similar kind of issue..
While sharing reports with more than 100 users logging into web app,How will they be able to see only there relevant content.
Need this solution aas soon as possible.
Kindly help!!!
Check out the October 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.