Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get Fabric Certified for FREE during Fabric Data Days. Don't miss your chance! Request now

Reply
Krish_nidar
Helper I
Helper I

Row Level Security with Page restriction

‎08-12-2025 12:59 AM

HI Team,

 

It wold be great help on implementing Row Level Securiy with Page restrction .I implemented the same by having user master with emailid and page name

 

By using measure , i picked the page that needt to be shown. In the home page i am taking the user to specified page.
This page navigation is not a RLS and we are just hiding only.I understand.

 

Also , OLS -Tabular editor is not allowed in my org


One issue here

If any user knows about the admin URL, he can access the page. I want to resctrict this.

 

I created 2 roles. HR, digital etc. Now on each role , i am restricting table row access by putting fals(). and required tables,i made it as true()

Timely help, will help me ery much

 

Thank you frieds

Labels:
Message 1 of 2
246 Views
1 ACCEPTED SOLUTION
jaineshp
Memorable Member
Memorable Member

‎08-12-2025 01:14 AM

@Krish_nidar,

Based on your requirements, here are the key steps to implement proper Row Level Security with page restriction:

For Page-Level Security:

  1. Create dedicated roles for each page/department (HR, Digital, etc.) - you've already started this correctly
  2. Implement table-level restrictions in each role:
    • Set FALSE() for tables that shouldn't be accessible to that role
    • Set TRUE() for tables the role should access
    • This prevents direct URL access since users won't have permissions to underlying data
  3. Use DAX filters instead of just hiding pages:
    [Email] = USERPRINCIPALNAME()
    Apply this to your user master table in each role

    For URL Protection:

    1. Remove "Build permission" from roles - This prevents users from accessing admin URLs and dataset settings
    2. Set proper workspace permissions:
      • Users should only have "Viewer" access to workspace
      • Remove "Contributor" or higher permissions
    3. Implement dynamic page navigation using bookmarks and buttons instead of direct page URLs:
      • Create bookmarks for each page
      • Use conditional visibility on navigation buttons
      • This eliminates direct URL access entirely

    Additional Security Measures:

    1. Enable "Users can only access content with build permissions" in workspace settings
    2. Use Power BI Premium Per User licensing if possible - provides better RLS enforcement
    3. Consider implementing a landing page that dynamically shows available options based on user permissions

Fixed? ✓ Mark it • Share it • Help others!


Best Regards,
Jainesh Poojara | Power BI Developer

View solution in original post

Message 2 of 2
235 Views
1 REPLY 1
jaineshp
Memorable Member
Memorable Member

‎08-12-2025 01:14 AM

@Krish_nidar,

Based on your requirements, here are the key steps to implement proper Row Level Security with page restriction:

For Page-Level Security:

  1. Create dedicated roles for each page/department (HR, Digital, etc.) - you've already started this correctly
  2. Implement table-level restrictions in each role:
    • Set FALSE() for tables that shouldn't be accessible to that role
    • Set TRUE() for tables the role should access
    • This prevents direct URL access since users won't have permissions to underlying data
  3. Use DAX filters instead of just hiding pages:
    [Email] = USERPRINCIPALNAME()
    Apply this to your user master table in each role

    For URL Protection:

    1. Remove "Build permission" from roles - This prevents users from accessing admin URLs and dataset settings
    2. Set proper workspace permissions:
      • Users should only have "Viewer" access to workspace
      • Remove "Contributor" or higher permissions
    3. Implement dynamic page navigation using bookmarks and buttons instead of direct page URLs:
      • Create bookmarks for each page
      • Use conditional visibility on navigation buttons
      • This eliminates direct URL access entirely

    Additional Security Measures:

    1. Enable "Users can only access content with build permissions" in workspace settings
    2. Use Power BI Premium Per User licensing if possible - provides better RLS enforcement
    3. Consider implementing a landing page that dynamically shows available options based on user permissions

Fixed? ✓ Mark it • Share it • Help others!


Best Regards,
Jainesh Poojara | Power BI Developer

Message 2 of 2
236 Views

Helpful resources

Announcements
November Power BI Update Carousel

Power BI Monthly Update - November 2025

Check out the November 2025 Power BI update to learn about new features.

Fabric Data Days Carousel

Fabric Data Days

Advance your Data & AI career with 50 days of live learning, contests, hands-on challenges, study groups & certifications and more!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All