Anonymous
Not applicable

Power BI Embedded JavaScript filters security

Hello.

I have a question that might be a problem with my understanding of Power BI Embedded security.

I managed to create my own application using Power BI Embedded A1 capacity with an Azure Analysis Services cube as the data source and RLS.

For ISV sharing (with my customers) I use a native Azure AD app for OAuth authentication using a single master service account on AD. I also use Azure Key Vault to get that user account so it is not part of the application code.

Everything works fine and I get the report open in the browser.

I applied a JavaScript filter to the report and it also works fine.

My concern is:

When I do view source for the HTML page I can see the access token variable together with the report ID and the JavaScript filter.

With all 3 variables, what will prevent a customer from taking the access token to write his own HTML, but changing the JavaScript filter to something else (another customer name)?

I tried it myself, taking the access token and report ID from my app and putting them into this demo site page https://microsoft.github.io/PowerBI-JavaScript/demo/v2-demo/index.html#

and I got the full report with no filters.


1 ACCEPTED SOLUTION
Anonymous
Not applicable

Problem solved.
I needed to use roles in the embedded code before I generate the access token.
That way the access token is generated just for this role, and the JavaScript filter only filters the results that role can view.
I wish this could also be done with the on-premises report server 🙂


2 REPLIES
So, if I create a Power BI report for my customers, and I have hundreds of customers, do I need to create hundreds of roles and tokens?
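
One way to apply the accepted solution, as an added example that is not code from this thread or from Microsoft: the server takes the effective identity (username and roles) from its own login session and sends it in the Power BI REST `GenerateToken` request, so the role is bound to the token rather than to the JavaScript filter in the page. The tenant table, the role name `CustomerRole`, the IDs, and the use of one role keyed on the effective username are assumptions.

```javascript
// Added example: server-side construction of a Power BI embed-token request.
// Tenant table, IDs and role name are constructed placeholders.
const POWER_BI_API = "https://api.powerbi.com/v1.0/myorg";

// Hypothetical server-side mapping from the logged-in customer to an RLS identity.
// Assumption: one role ("CustomerRole") whose filter keys on the effective username.
const TENANTS = new Map([
  ["contoso", { username: "contoso", roles: ["CustomerRole"] }],
  ["fabrikam", { username: "fabrikam", roles: ["CustomerRole"] }],
]);

// Identity fields that must never be taken from the browser.
const IDENTITY_FIELDS = ["username", "roles", "customData", "identities"];

// session: set by your own login handling; clientParams: whatever the browser sent.
function buildEmbedTokenRequest(session, clientParams = {}, report) {
  for (const field of IDENTITY_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(clientParams, field)) {
      throw new Error(`client may not supply "${field}"`);
    }
  }
  const tenant = TENANTS.get(session.customerId);
  if (!tenant) throw new Error("unknown customer, no token issued");
  return {
    url: `${POWER_BI_API}/groups/${report.groupId}/reports/${report.reportId}/GenerateToken`,
    body: {
      accessLevel: "View",
      // Effective identity: the service applies RLS for this token's role.
      identities: [{
        username: tenant.username,
        roles: [...tenant.roles],
        datasets: [report.datasetId],
      }],
    },
  };
}

// Sends the request with the master account's Azure AD token (needs network access).
async function requestEmbedToken(aadAccessToken, request) {
  const res = await fetch(request.url, {
    method: "POST",
    headers: { Authorization: `Bearer ${aadAccessToken}`, "Content-Type": "application/json" },
    body: JSON.stringify(request.body),
  });
  if (!res.ok) throw new Error(`GenerateToken failed: HTTP ${res.status}`);
  return (await res.json()).token; // only this embed token is sent to the browser
}
```

The JavaScript filter can still be used for presentation; which rows a customer can reach is decided by the identity in the token request.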
