Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get inspired! Check out the entries from the Power BI DataViz World Championships preliminary rounds and give kudos to your favorites. View the vizzies.

Reply
LovelyGoat
New Member

Self service signup for Fabric Free suddenly enabled (and can't switch it off)

‎02-10-2025 05:14 AM

Hello, 

 

We used to have self-service signup disabled for our users, allowing us to only give access to the Power BI service platform based on a Entra ID group we coupled with the Fabric Free license. Since December it seems Microsoft has changed something in this setup and users can now freely go to app.powerbi.com. 

 

I checked together with our Global admin users whether we can disable this self service setting again to no avail. The option seems to have disappeared completely from the O365 Admin centre. As a last resort we tried restricting the number of available Fabric Free licenses to the current number at that point. Microsoft doesn't care. With the next signup they upped the number by 1.000.000 just to be sure we'd have enough license capacity for everyone. 

Anyone else experiencing something similar and has a solution for this? The fact that the platform is freely accessible is causing confusion due to the fact that we are transitioning to Power BI and do now want to allow all departments yet on the platform for licensing cost and other reasons. 

Labels:
Message 1 of 7
356 Views
0
1 ACCEPTED SOLUTION
rohit1991
Super User
Super User

‎02-10-2025 06:44 AM

Hi  @LovelyGoat ,

You're not alone in facing this issue—Microsoft recently made changes to how self-service signups for Fabric Free work, and many organizations have noticed that the previous restrictions no longer apply. Since the O365 Admin Center no longer provides the option to disable self-service signups, one workaround is to use Entra ID (formerly Azure AD) Conditional Access Policies to restrict access to Power BI. By setting up a policy that blocks access unless a user is in a specific Entra ID group, you can effectively prevent unauthorized users from accessing app.powerbi.com.

Another approach is to manage license assignments through Entra ID group-based licensing, ensuring that only approved users receive a Fabric Free license. However, since Microsoft seems to automatically provision licenses as needed, enforcing this at the authentication level (via Conditional Access) is the most effective way to maintain control. If this is causing significant disruption, I recommend opening a Microsoft Support ticket to clarify whether further restrictions will be reintroduced.

View solution in original post

Message 2 of 7
323 Views
0
6 REPLIES 6
v-ssriganesh
Community Support
Community Support

‎02-16-2025 09:28 PM

Hi @LovelyGoat,
I wanted to check if you had the opportunity to review the information provided. Please feel free to contact us if you have any further questions. If my response has addressed your query, please accept it as a solution and give a 'Kudos' so other members can easily find it.
Thank you.

Message 7 of 7
218 Views
0
v-ssriganesh
Community Support
Community Support

‎02-13-2025 11:07 PM

Hi @LovelyGoat,

May I ask if you have resolved this issue? If so, please mark the helpful reply and accept it as the solution. This will be helpful for other community members who have similar problems to solve it faster.

Thank you.

Message 6 of 7
241 Views
0
v-ssriganesh
Community Support
Community Support

‎02-10-2025 09:29 PM

Hi @LovelyGoat, thank you for reaching out to the Microsoft community forum.

We appreciate your detailed insights @rohit1991.

We wanted to check if you were able to test the Conditional Access (CA) policy solution. Did it effectively restrict unwanted access to Power BI as expected? Please let us know if this approach worked for you or if you are still encountering any challenges.

In addition to Conditional Access, here is another step you might consider to better manage Fabric Free license assignments:

  • Since self-service signup is causing direct license assignments (instead of group-based licensing), you can periodically review and remove them via Microsoft 365 Admin Center → Check Active Users and remove unwanted direct Fabric Free licenses.

If this helps then please Accept it as a solution and dropping a "Kudos" so other members can find it more easily.

Hope this works for you!

Thank you.

Message 5 of 7
282 Views
0
rohit1991
Super User
Super User

‎02-10-2025 06:44 AM

Hi  @LovelyGoat ,

You're not alone in facing this issue—Microsoft recently made changes to how self-service signups for Fabric Free work, and many organizations have noticed that the previous restrictions no longer apply. Since the O365 Admin Center no longer provides the option to disable self-service signups, one workaround is to use Entra ID (formerly Azure AD) Conditional Access Policies to restrict access to Power BI. By setting up a policy that blocks access unless a user is in a specific Entra ID group, you can effectively prevent unauthorized users from accessing app.powerbi.com.

Another approach is to manage license assignments through Entra ID group-based licensing, ensuring that only approved users receive a Fabric Free license. However, since Microsoft seems to automatically provision licenses as needed, enforcing this at the authentication level (via Conditional Access) is the most effective way to maintain control. If this is causing significant disruption, I recommend opening a Microsoft Support ticket to clarify whether further restrictions will be reintroduced.

Message 2 of 7
324 Views
0
LovelyGoat
New Member
In response to rohit1991

‎02-17-2025 03:42 AM

It took some time for the right people to set up the Conditional Access policy, but it seems to work. Users get blocked before they can access the Power BI service. 

Message 4 of 7
213 Views
LovelyGoat
New Member
In response to rohit1991

‎02-10-2025 07:13 AM

I dont think Entra group-based licensing works as a solution. We have this in place, but the self-service signup creates a Direct assignment of the license instead of the group-based assignment. 

I will try the proposed CA solution. 

Message 3 of 7
308 Views
0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

FebPBI_Carousel

Power BI Monthly Update - February 2025

Check out the February 2025 Power BI update to learn about new features.

March2025 Carousel

Fabric Community Update - March 2025

Find out what's new and trending in the Fabric community.

View All