The ultimate Microsoft Fabric, Power BI, Azure AI, and SQL learning event: Join us in Stockholm, September 24-27, 2024.
Save €200 with code MSCUST on top of early bird pricing!
Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
Hello!
I would like to seek your advice regarding applying security via Single Sign-On (SSO) in a Power BI Report. Here is the planned setup for the reports:
Role Management System -> Azure Active Directory -> Power BI
(1) There is an existing role management system that manages all the security roles in the whole project. This is
(2) The security roles will then be inherited via Azure Active Directory.
(3) The roles in Azure AD will then be passed to Power BI ideally via SSO.
The Role Management System stores all its security roles in databricks tables:
(a) SecurityID - this table stores all the Security IDs in the Role Management System
(b) SecurityAccess - this table stores all the tables that can be accessed by the Security IDs.
The objective of this setup is to inherit all the security information found in the SecurityID and SecurityAccess tables via SSO.
For my question, is this possible through the use of Single Sign On and how will this be implemented? If this is not possible, can you suggest other ways in order to pass these security information? Thank you.
Best regards,
Jaimeee
Solved! Go to Solution.
Hi, @ja1meee
To check if your Azure AD role has taken effect in Power BI, you can follow these steps:
1. Open the Power BI service and navigate to the workspace in question.
2. Click on the gear icon in the top right corner and select "Workspace settings" from the dropdown menu.
3. In the left-hand menu, select "Manage Access" to view the access settings for the workspace.
4. Here, you should see a list of all the users and groups that have been granted access to the workspace, along with their role. If your Azure AD role has taken effect, you should see your account listed here with the "Reporting Workspace - Contributor" role.
Best Regards,
Community Support Team _Charlotte
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi, @ja1meee
You can use Single Sign-On (SSO) to enable seamless connectivity between Power BI and Azure Active Directory (Azure AD). SSO allows users to access cloud data sources that rely on Azure AD-based authentication. When you configure Azure AD SSO on the on-premises data gateway for an applicable data source, queries run under the Azure AD identity of the user that interacts with the Power BI report.
To enable SSO, you can configure your gateway with the following SSO options: Active Directory (AD) SSO, which includes Kerberos constrained delegation, Security Assertion Markup Language (SAML), and Azure AD SSO. You can also configure a tenant-level setting in the Power BI admin portal to allow only Power BI service admins to enable this feature for a tenant.
Overview of single sign-on for on-premises data gateways - Power BI | Microsoft Learn
Azure Active Directory (Azure AD) SSO - Power BI | Microsoft Learn
Best Regards,
Community Support Team _Charlotte
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi @v-zhangti ,
Thank you for your response.
Following up on my question, how can I check on the Power BI Workspace if these Azure Roles have taken effect?
For example, suppose there is a role called "Reporting Workspace - Contributor " in the Azure Active Directory and my account has been granted that role. My question is this: Is there a way on the Power BI workspace to see what Azure AD role have I been granted? I was only given workspace administration permission that is why I just want to confirm if I can validated anything with the current Power BI workspace role I was given.
Thank you
Hi, @ja1meee
To check if your Azure AD role has taken effect in Power BI, you can follow these steps:
1. Open the Power BI service and navigate to the workspace in question.
2. Click on the gear icon in the top right corner and select "Workspace settings" from the dropdown menu.
3. In the left-hand menu, select "Manage Access" to view the access settings for the workspace.
4. Here, you should see a list of all the users and groups that have been granted access to the workspace, along with their role. If your Azure AD role has taken effect, you should see your account listed here with the "Reporting Workspace - Contributor" role.
Best Regards,
Community Support Team _Charlotte
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.
Check out the August 2024 Power BI update to learn about new features.
User | Count |
---|---|
55 | |
24 | |
14 | |
14 | |
12 |
User | Count |
---|---|
104 | |
39 | |
28 | |
22 | |
22 |