Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
Anonymous
Not applicable

Refresh Power BI Dataset using Power Automate (flow) with Viewer permissions in app workspace

‎08-09-2022 04:36 AM

Hi all,

Hope you are doing good!

I have a scenario which is a head scratcher for me. need your inputs 🙂

I am refreshing a Power BI dataset via a flow. UI is Power Apps platform which takes dates as an inputs and through flow it refreshes the Power BI dataset.

I am managing access to power bi app workspace via Security groups.

Now, If I am user in a particualr Security Group and that SG has 'Viewer' access to my app workspace, flow fails saying user doesn't have sufficient permissions (since it is not able to find dataset).
If I change the access level to one higher i.e. 'Contributor' access to that Security group then the cons is - I am providing users of that SG powers to delete content and acces more information than needed because they should only have read access.

 

What should be the ideal implementation scenrio for me ?
This is the dilemma! would love your inputs.  Hope I made it clear to understand, if not just throw your doubts please.
Thanks in advance!

Labels:
Message 1 of 5
1,704 Views
0
3 ACCEPTED SOLUTIONS
otravers
Community Champion
Community Champion

‎08-09-2022 05:34 AM

You should be able to solve this conundrum by using a service principal:

https://benediktbergmann.eu/2022/01/04/setup-a-service-principal-in-power-automate/

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals

View solution in original post

Message 2 of 5
1,651 Views
0
ibarrau
Super User
Super User

‎08-09-2022 05:42 AM

Hi. Like otravers says you might want to use a service account (like service pricipal). The main thing here is that the user or account used to refresh needs more permissions, so it can't be inside of a security group that can only "View" inside the workspace. The service principal is usually the best option because it doesn't depends on a user, it's an app registered for the organization.
I hope that make sense


If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Happy to help!

LaDataWeb Blog

View solution in original post

Message 3 of 5
1,645 Views
0
Anonymous
Not applicable

‎08-25-2022 06:11 AM

Thanks for your relpies @otravers  @ibarrau 
Well this is the ideal solution which should be implemented from the start. Thanks for letting me know.

Also, the other solution which worked in my specific case is just run the flow with the account which has higher level of permissions (like @ibarrau mentioned in his answer). The new task (PowerApps V2) inside flow allows to do this. 
This way we can restrict user from Power BI workspace perspective but at the same time can allow them to just refresh the dataset.

Thanks for your help guys!!

View solution in original post

Message 4 of 5
1,608 Views
0
4 REPLIES 4
Anonymous
Not applicable

‎08-25-2022 06:11 AM

Thanks for your relpies @otravers  @ibarrau 
Well this is the ideal solution which should be implemented from the start. Thanks for letting me know.

Also, the other solution which worked in my specific case is just run the flow with the account which has higher level of permissions (like @ibarrau mentioned in his answer). The new task (PowerApps V2) inside flow allows to do this. 
This way we can restrict user from Power BI workspace perspective but at the same time can allow them to just refresh the dataset.

Thanks for your help guys!!

Message 4 of 5
1,609 Views
0
JonSov
Regular Visitor
In response to Anonymous

‎01-11-2023 09:07 AM

How can you use PowerApps V2 trigger to run the flow with a different account?

Message 5 of 5
1,360 Views
0
ibarrau
Super User
Super User

‎08-09-2022 05:42 AM

Hi. Like otravers says you might want to use a service account (like service pricipal). The main thing here is that the user or account used to refresh needs more permissions, so it can't be inside of a security group that can only "View" inside the workspace. The service principal is usually the best option because it doesn't depends on a user, it's an app registered for the organization.
I hope that make sense


If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Happy to help!

LaDataWeb Blog

Message 3 of 5
1,646 Views
0
otravers
Community Champion
Community Champion

‎08-09-2022 05:34 AM

You should be able to solve this conundrum by using a service principal:

https://benediktbergmann.eu/2022/01/04/setup-a-service-principal-in-power-automate/

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 2 of 5
1,652 Views
0

Helpful resources

Announcements
LearnSurvey

Fabric certifications survey

Certification feedback opportunity for the community.

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All