Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!

Reply
Chema_Ortega
Helper III
Helper III

DINAMIC SECURITY

Hello eveybody,

 

Thanks a lot in advance for your help.

 

I am trying to implement security row level (I have many users and many Projects in one .bix). The client wants security by project (some users will have permission to see one Project, other users will have permission to see other Project, and so on). The problem is that the client has given us a table with Users by Project, and they want us to use it to add the security. They do not want to assign the security in the service, assigning the emails of each user to each Project, since there are many users. Is there a way to do that? Is there any written advice?

 

Thanks a lot. Best regards,

 

Chema Ortega

1 ACCEPTED SOLUTION
M_L
Frequent Visitor

I would suggest you set-up dynamic row level security - you would need to follow these steps 

- create a table (i.e. T_Sec) with 2 columns UserID & Projects. The UserID should be the email used for the user to access to PowerBI 

- in Desktop > Modeling> Manage Role, create a role, then in Table "T_Sec" of the "Manage Roles" view, in "Table Filter DAX expression" enter this DAX formula : [UserID] = USERPRINCIPALNAME()

- in Relationship view of Desktop, set-up the relationship (many-to-many) between the table T_Sec [Projects] to tables you want to limit visibility by projet 

- then in Power BI Service, assign this role to the user and give them access 

Please mark it if this works. 

View solution in original post

4 REPLIES 4
v-joesh-msft
Solution Sage
Solution Sage

Hi @Chema_Ortega ,

As @M_L  said, you need to set up Dynamic Row Level Security, there is a similar article here, you can also refer to :

Dynamic Row Level Security with Profiles and Users in Power BI : Many-to-Many Relationship

Best Regards,

Community Support Team _ Joey
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Thanks a lot, Joesh. I am trying to fix everything up.

 

Best regards,

 

Chema

M_L
Frequent Visitor

I would suggest you set-up dynamic row level security - you would need to follow these steps 

- create a table (i.e. T_Sec) with 2 columns UserID & Projects. The UserID should be the email used for the user to access to PowerBI 

- in Desktop > Modeling> Manage Role, create a role, then in Table "T_Sec" of the "Manage Roles" view, in "Table Filter DAX expression" enter this DAX formula : [UserID] = USERPRINCIPALNAME()

- in Relationship view of Desktop, set-up the relationship (many-to-many) between the table T_Sec [Projects] to tables you want to limit visibility by projet 

- then in Power BI Service, assign this role to the user and give them access 

Please mark it if this works. 

HI M L,

 

Thanks a lot. It seems to be working!!! Great!!!

 

Just one point: when I enter witn a user with Administrator rights, I can see everything. When I enter with a user with security applied, and the Table I want to show is in Direct Query, the visualization breaks down. I don´t know why... It doesn't make sense at all!!!

 

Best regards,

 

Chema 

Helpful resources

Announcements
April AMA free

Microsoft Fabric AMA Livestream

Join us Tuesday, April 09, 9:00 – 10:00 AM PST for a live, expert-led Q&A session on all things Microsoft Fabric!

March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.