Hi All,
I have to integrate our power bi reports into an external application with following capabilities:
1) Reports should show only user specific data(row level security). I have more than 100 users
2) Report background and some images should be changed on user login
Note: Our source system is not present in Azure and we have to see latest data for every hour. We are not interested in moving data to Microsoft Azure. And also we are not interested in creating separate report for each user.
We found two solution for this.
Rest API:
We can also implement row level security using Rest API, however user filter is visible to end user which enables end user to change filter and see other user data.
As parameter is embedded in the URL it becomes security risk a user using developer tool( press F12) can pass on request by new user token.
We are currently working on a POC, which will eliminate the user drop down by Java script.Any person with some java script knowledge can catch the response using fiddler tool, he can see the other user tokens.When number of users are more then the size of markup will be huge which leads to poor response time.
We feel it's correct solution to implement RLS using query string.
Power BI Embedded:
Power BI embedded enables row level security,however periodic refresh is not enabled now.We have to manually publish to service to get latest data.This not suits for us as our data not present in cloud.
If any body have solution for our problem. Please let me know. Can you reach me via phone also 9703541044