Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!

Reply
tupadhyay
Regular Visitor

How to achieve Row-Level Security using PowerBi JS API

I have Power BI Embedded App-Owns data scenario where I have a report configured for Row Level Security, and the report shows different data based on the some of filter parameters I passed from client side. 

 

When client requests report (request generated from client facing website), server side code generates Embed token (this would be server-to-server call => from my server to PowerBi Service, no data from client space passed to PowerBi Service). I am using PowerBi API to generate Embed token for certain ReportID and DataSet and authentication is taken care correctly.  Now this Embed token is passed to client space and there I am using EmbedConfig to embed report. Something like below: 

const filter = {
        $schema: "http://powerbi.com/product/schema#basic",
        target: {
            table: "table name",
            column: "Organization"
        },
        operator: "In",
        values: ["SomefilterValue"]
    };

 var config = {
        type: 'report',
        tokenType: models.TokenType.Embed,
        accessToken: accessToken,
        embedUrl: embedUrl,
        id: embedReportId,
        permissions: models.Permissions.Read,
        settings: {
            filterPaneEnabled: true,
            navContentPaneEnabled: false
        }
    };

 

However, my major concern is in client-side JavaScript scenario.  If I am a bad actor, I can just use Chrome developer tools (or Fiddler, or whatever) to get Embed Token. Once I have that embed token, I can use PowerBi Embed Playground and pass various filter parameters. I am really stuck at this point, I think, I am missing something.  

I implmented everything according to : https://docs.microsoft.com/en-us/power-bi/developer/embedded/embed-sample-for-customers

 

0 REPLIES 0

Helpful resources

Announcements
April AMA free

Microsoft Fabric AMA Livestream

Join us Tuesday, April 09, 9:00 – 10:00 AM PST for a live, expert-led Q&A session on all things Microsoft Fabric!

March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.