Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi!
We have a serious security issue regarding Power BI Report Server.
We depolyed a power bi report server report URL on a web portal but the URL is easy to catch after inspection on the portal and a user can have access to data of all other customers.
So we would like to avoid direct access to the URL through the web browser.
Authentication mode on Power BI Report Server: SSO (SAML).
Data loading mode: Import.
Has anyone come across this requirement before? Any thoughts or suggested solutions would be greatly appreciated.
Thanks!
And the underlying data source? SSAS Tabular?
Can you clarify the problem? Don't you use RLS?
BR
Hi @lukiz84
I would like to specify that we are using SSO (SAML) authentication mode on Power BI Report Server to avoid double authentication in the web portal, and with this mode we can not use RLS. What we are doing to manage users access to filtered data is adding filters in the Report Server URL.
The problem is that those filters are not hidden and could be modified or deleted from users after URL catching.
With best regards.
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.
User | Count |
---|---|
12 | |
7 | |
4 | |
3 | |
2 |
User | Count |
---|---|
15 | |
11 | |
5 | |
5 | |
2 |