Get startedGet started for free

Manage dataset permissions

1. Manage dataset permissions

This demo is all about securing data in Power BI Online. First, let’s look at what we can do to protect access to datasets. In our Wake County workspace, we have a dataset. Navigating to the context menu for this dataset, I can choose Manage permissions. This takes me to a page in which I can manage dataset permissions. Note that I must be an administrator or member to view this page. There are two tabs here: one to manage direct access to the dataset and the other to manage links that we generate when sharing reports. For direct access, I can see my account here because I am the owner of this dataset. We can also see an entry for anybody in our organization because we created an app using this dataset. If I want to add a new user, I can do so by clicking the Add user button. This brings up a dialog in which I can enter an e-mail address and choose the level of access to this dataset. We can optionally let people re-share the data or build new content off of this dataset. Most of the time, the people building these datasets want that level of interaction and so they are reasonable defaults but we can turn them off for certain users if there is a reason. The Links menu currently does not have anything in here because we have not shared reports as links. Let’s do that now. We can see that there’s no way to add a link to a dataset directly but if I drill into Reports, I can choose the Wake County Restaurant Inspections report. On that page, I can add a link. This brings up a dialog into which I can enter e-mail addresses and set permissions. I’ll enter my e-mail address and send. Now I have a link with two permissions: Read and Reshare. Read allows me to access reports and Reshare lets me share that dataset with other people, who will get equivalent permissions to what I have. Back on the dataset, I can see that link as well. Now let’s enable row-level security on this dataset. To do so, I will open the report in Power BI Desktop. In the Modeling tab, we can see two options in Security. The first is Manage roles. This allows us to define roles for row-level security, such as cases where the restaurant’s location is the Town of Cary. Let’s select the ellipsis for the Restaurants in Wake County table, see the column for City in the list, and define a filter where the city is equal to Cary. Now we can select the “View as” option and see how it would look for somebody in the Town of Cary role. We can see that the number of inspections has changed and that’s because we’re only including restaurant inspections in Cary. I’ll stop viewing and then publish this report. After publication is complete, we can return to the Power BI Service and navigate into the Security menu for our dataset. Here, we can define which users and groups belong in which roles. For now, Office 365 groups are not supported but you can add Power BI security groups. One important note is that, if a user has edit permission on the dataset – that is, the user is an Admin, Member, or Contributor – then row-level security will not apply. They will be able to see all of the data in the report, not just the data associated with their role. To ensure that users see those row-level security filters, you should only assign them to the Viewer role. Now that we’ve taken a look at dataset permissions and row-level security, let’s go to the following exercises.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.