Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi, Is there any way I can control the session timeout for internal or external user that I have shared powerbi report/dashboard? One of my clients have this kind of security policy so if a user don't intract with powerbi report it should automatically sign out and I need to implement this in my powerbi dashboard. I know this is already in Idea Session Log off here but that does not help since no action from microsoft powerbi team.
I was lookin on some post about Azure Active directory and Kerberos for single sign-on (SSO) but that looks too confusing to me.
https://docs.microsoft.com/en-us/azure/active-directory-b2c/session-behavior
https://docs.microsoft.com/en-gb/power-bi/whitepaper-powerbi-security
Any help on this is really appriciated.
Thanks, Kulchandra
Hi @Anonymous ,
Based on this document, From that point forward, all calls to the Power BI service are with the specified Back-End cluster, and all calls include the user's AAD token. The AAD token has a timeout of one hour; the WFE refreshes the token periodically if a user's session remains open, in order to preserve access.
Based on my research, we can try to Configurable policy property details by using cmdlets, and then Assign the policy to service principal. For example, try to create a policy that have only 5 minutes of AccessTokenLifetime, then then reduce the value of Token Max Inactive Time and Refresh Token Max Age to make session expire after it does not active. Please refer to this document about the AAD Token life time policy management: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#configurable-policy-property-details
Best regards,
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.