Question

How do I apply row-level security in paginated reports?
This question focuses on implementing row-level security (RLS) in Power BI paginated reports. The goal is to apply security filters dynamically based on the user viewing the report so that each user only sees the data they are authorized to view. This ensures that sensitive or role-specific data is protected when using paginated reports.

Answer 1

To apply row-level security (RLS) in paginated reports, you need to use a data model that already has RLS implemented, typically through a Power BI dataset or an Analysis Services (SSAS) model with security roles defined. Paginated reports themselves don’t directly enforce RLS but inherit it from the connected data source.

Here’s how to set it up:

1. Define RLS roles in your Power BI dataset (using Power BI Desktop) or within SSAS by specifying DAX filters that restrict data based on the user’s identity (e.g., [Region] = USERNAME()).

2. Publish the dataset to the Power BI Service and assign users to their appropriate roles.

3. In Power BI Report Builder, connect the paginated report to the dataset that has RLS configured.

4. When the paginated report is viewed or scheduled through the Power BI Service, it automatically respects the RLS rules based on the signed-in user’s identity.

To ensure RLS works as expected, test the report using different user accounts or use the “View As Role” feature in Power BI Desktop. This approach provides secure, personalized data views for each user, making it ideal for sensitive or department-specific reporting.