Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
I'm sure someone has asked the question but...
Can I set up row level security with data that I pull in from salesforce, either objects or reports?
My scenario is that we have created a dashboard for sales guys to do their quarterly reviews and all of the data comes from Salesforce reports. Obviously sales guys should only be able to see their own data, so we created a dataset/report/dashboard and then duplicated it 20+ times and set filters in the reports so that they can only see their data... Problem is if I need to make one structural change to a data set or report, I have to make it 20+ times.
Helps and suggestions greatly appreciated
Mike
@Megachuckmc wrote:
...
so we created a dataset/report/dashboard and then duplicated it 20+ times and set filters in the reports so that they can only see their data...
@Megachuckmc, report filters are very explicitly not a security feature. As @TealCanady has mentioned above, the only way to enforce RLS in Power BI is to utilize a live connection to SSAS.
Using report filters as a security feature is ill-advised.
Mike,
I think this is actually dependant on their sales force permissions and less on Power BI but I would need to dig in more to be sure. If they are restricted in Salesforce they would be restricted in the reports because they are using their own logins to Salesforce to access the data. This is simaler to using Active Directory groups in the SSAS tabular model to restrict access to data.
Teal Canady
Teal,
Thanks for the response, I'd be interested to see/hear anything else you can find out on this.
I'm not sure how their Salesforce login would restrict them from seeing data that has been pulled into Power BI since they are not connecting directly to Salesforce but just opening up a dashboard that is connected to a dataset that gets uploaded from Salesforce. The dataset includes everyones data. For instance I have a data set that has 2000 Opportunities in it, but unless I filter it for each user they would be able to see all 2000 Opportunities. Seems like I would need to introduce something "in between" that would look at their Power BI user credentials and compare it to something in the data set to return only those rows.
Thanks again!
Mike
Mike,
I made the assumption you were working with the service connector for Salesforce online; my apologies. Are you pulling the salesforce data into a power pivot model in power bi? I know in the tabular version you can use a method to implement dynamic security based on a login. I'm curious if an modified version of this could be used.
Teal Canady
Mike,
Looks like I found your resoultion and sadly it's not possible with a file at this time. You would need to use the dynamic security from my previous reply in combination with SSAS Tabular.
http://community.powerbi.com/t5/Integrations-with-Files-and/Row-Level-security/m-p/11223#M1911
Let me know if you have any other questions.
Teal
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.