Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI DataViz World Championships are on! With four chances to enter, you could win a spot in the LIVE Grand Finale in Las Vegas. Show off your skills.

Reply
ja1meee
Helper I
Helper I

Security Role via SSO

‎12-03-2023 05:00 PM

Hello! 

 

I would like to seek your advice regarding applying security via Single Sign-On (SSO) in a Power BI Report. Here is the planned setup for the reports:

Role Management System -> Azure Active Directory -> Power BI 

(1) There is an existing role management system that manages all the security roles in the whole project. This is 
(2) The security roles will then be inherited via Azure Active Directory.
(3) The roles in Azure AD will then be passed to Power BI ideally via SSO.

The Role Management System stores all its security roles in databricks tables:
(a) SecurityID - this table stores all the Security IDs in the Role Management System

(b) SecurityAccess - this table stores all the tables that can be accessed by the Security IDs. 

The objective of this setup is to inherit all the security information found in the SecurityID and SecurityAccess tables via SSO. 

For my question, is this possible through the use of Single Sign On and how will this be implemented? If this is not possible, can you suggest other ways in order to pass these security information? Thank you.

 

Best regards,

Jaimeee

Labels:
Message 1 of 4
640 Views
0
1 ACCEPTED SOLUTION
v-zhangti
Community Support
Community Support
In response to ja1meee

‎12-12-2023 10:22 PM

Hi, @ja1meee 

 

To check if your Azure AD role has taken effect in Power BI, you can follow these steps:

1. Open the Power BI service and navigate to the workspace in question.

2. Click on the gear icon in the top right corner and select "Workspace settings" from the dropdown menu.

3. In the left-hand menu, select "Manage Access" to view the access settings for the workspace.

4. Here, you should see a list of all the users and groups that have been granted access to the workspace, along with their role. If your Azure AD role has taken effect, you should see your account listed here with the "Reporting Workspace - Contributor" role.

 

Best Regards,

Community Support Team _Charlotte

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Message 4 of 4
546 Views
0
3 REPLIES 3
v-zhangti
Community Support
Community Support

‎12-06-2023 10:59 PM

Hi, @ja1meee 

 

You can use Single Sign-On (SSO) to enable seamless connectivity between Power BI and Azure Active Directory (Azure AD). SSO allows users to access cloud data sources that rely on Azure AD-based authentication. When you configure Azure AD SSO on the on-premises data gateway for an applicable data source, queries run under the Azure AD identity of the user that interacts with the Power BI report.

 

To enable SSO, you can configure your gateway with the following SSO options: Active Directory (AD) SSO, which includes Kerberos constrained delegation, Security Assertion Markup Language (SAML), and Azure AD SSO. You can also configure a tenant-level setting in the Power BI admin portal to allow only Power BI service admins to enable this feature for a tenant.

Overview of single sign-on for on-premises data gateways - Power BI | Microsoft Learn

Azure Active Directory (Azure AD) SSO - Power BI | Microsoft Learn

 

Best Regards,

Community Support Team _Charlotte

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 2 of 4
588 Views
ja1meee
Helper I
Helper I
In response to v-zhangti

‎12-10-2023 10:36 PM

Hi @v-zhangti ,

 

Thank you for your response. 

 

Following up on my question, how can I check on the Power BI Workspace if these Azure Roles have taken effect?

 

For example, suppose there is a role called "Reporting Workspace - Contributor " in the Azure Active Directory and my account has been granted that role. My question is this: Is there a way on the Power BI workspace to see what Azure AD role have I been granted? I was only given workspace administration permission that is why I just want to confirm if I can validated anything with the current Power BI workspace role I was given. 

 

Thank you

Message 3 of 4
562 Views
0
v-zhangti
Community Support
Community Support
In response to ja1meee

‎12-12-2023 10:22 PM

Hi, @ja1meee 

 

To check if your Azure AD role has taken effect in Power BI, you can follow these steps:

1. Open the Power BI service and navigate to the workspace in question.

2. Click on the gear icon in the top right corner and select "Workspace settings" from the dropdown menu.

3. In the left-hand menu, select "Manage Access" to view the access settings for the workspace.

4. Here, you should see a list of all the users and groups that have been granted access to the workspace, along with their role. If your Azure AD role has taken effect, you should see your account listed here with the "Reporting Workspace - Contributor" role.

 

Best Regards,

Community Support Team _Charlotte

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 4 of 4
547 Views
0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

FebPBI_Carousel

Power BI Monthly Update - February 2025

Check out the February 2025 Power BI update to learn about new features.

Feb2025 Sticker Challenge

Join our Community Sticker Challenge 2025

If you love stickers, then you will definitely want to check out our Community Sticker Challenge!

Feb2025 NL Carousel

Fabric Community Update - February 2025

Find out what's new and trending in the Fabric community.

View All