BLOGS BY TOPIC
BLOGS BY AUTHOR
BLOGS BY YEAR
To prevent the wrong people seeing the wrong data in your reports, you can create row-level security (for example, so only the London regional manager can see London data). This blog explains how!
- Securing Power BI Reports and Dashboards
- Row-level security in Power BI Desktop
- Row-level security in Power BI Service (this blog)
- Who can see what in your reports
Posted by Andy Brown on 08 July 2017
You need a minimum screen resolution of about 700 pixels width to see our blogs. This is because they contain diagrams and tables which would not be viewable easily on a mobile phone or small laptop. Please use a larger tablet, notebook or desktop computer, or change your screen resolution settings.
Row-level security in Power BI Service
Assume that you've published the report in the previous part of this blog, complete with Southern and Northern security roles. What you now need to do is to stop people seeing data that they're not entitled to see.
Assigning people to roles
It's the underlying datasets which matter for security, so choose to set security for your Venue report dataset:
Select the dataset, and choose this option from its menu.
Select a role, and assign email addresses to it:
Here we've assigned two email addresses to the Southern manager role.
In addition to email addresses, you can also assign the following (I've taken this information from this Microsoft page):
From the horse's mouth ...
As in Power BI Desktop, you can test a role in Power BI Service:
Select a role from the dialog box shown above, click on the ellipsis (...) for it and choose to test it.
Power BI Service shows you who you're viewing the report as, and allows you to change this:
Here we're viewing the report in the Southern manager role, but you can use the dropdown to change this.
Note that you can only see reports using this feature, and not dashboards.
A warning on app workspaces
If you create an app workspace to contain reports, make sure that you give it read-only access:
Choose the option shown. If you leave this as the default option Members can edit Power BI content, row-level security will be ignored.
Having set up any row-level security you may want, I'll finally look briefly at what underlying data a user can see when you share a report.