Coder Social home page Coder Social logo

cbattlegear / effectiveidentityrowlevelsecurity Goto Github PK

View Code? Open in Web Editor NEW
1.0 2.0 0.0 201 KB

Example of using EffectiveIdentity to pass Custom Data for RLS to Analysis Services with Power BI Embedded

C# 8.06% CSS 0.34% JavaScript 89.38% HTML 2.18% ASP.NET 0.04%

effectiveidentityrowlevelsecurity's Introduction

App Owns Data sample - Using EffectiveIdentity and CustomData

Based on documentation from https://docs.microsoft.com/en-us/power-bi/developer/embedded/embedded-row-level-security#using-the-customdata-feature

First, Read this documentation to prepare your environment https://docs.microsoft.com/en-us/power-bi/developer/embedding-content

Second, Deploy your AAS Model https://docs.microsoft.com/en-us/azure/analysis-services/analysis-services-deploy

Finally, Add your Role, Filter (using CUSTOMDATA()), and Service Principal to the Role https://docs.microsoft.com/en-us/analysis-services/tabular-models/manage-roles-by-using-ssms-ssas-tabular?view=asallproducts-allversions

Choose Auth Method

Currently MasterUser is not functional

In web.config:

  • For authentication with master user credential choose MasterUser as AuthenticationType.

  • For authentication with app secret choose ServicePrincipal as AuthenticationType (Preview).

More details here: https://docs.microsoft.com/en-us/power-bi/developer/embed-service-principal

To embed reports, dashboards and tiles, the following details must be specified within web.config:

Detail Description
applicationId Id of the AAD application registered as a NATIVE app.
workspaceId The group or workspace Id in Power BI containing the reports, dashboards and tiles you want to embed.
defaultRLSFilter The default filter that will be passed to the CUSTOMDATA() function
defaultRLSRole The default role that will be applied in Analysis Services
pbiUsername A Power BI username (e.g. Email). The user must be an admin of the group above. (For Master User Only)
pbiPassword The password of the Power BI user above. (For Master User Only)
applicationSecret Seecret Key of the AAD application registered as a NATIVE app. (For Service Principal Only)
tenant Tenant Id of the Apllication. (For Service Principal Only)
objectId The ObjectID of the Service Principal. (For Service Principal Only). Remember to get the Service Principal ObjectID (under Enterprise Apps) not the App Registration (where client secrets are)

Important

For security reasons, in a real application, the user and password and app secret should not be saved in web.config. Instead, consider securing credentials with an application such as KeyVault.

effectiveidentityrowlevelsecurity's People

Contributors

cbattlegear avatar dependabot[bot] avatar

Stargazers

avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.