Row-Level Security (RLS)
AtlasData fully respects Power BI RLS configurations.
How does it work?
When a user accesses a report through AtlasData:
- The system identifies the user
- Generates an embed token with the user's identity
- Power BI applies RLS rules
- The user sees only permitted data
Configuring RLS
RLS is configured directly in Power BI Desktop:
- Open the report in Power BI Desktop
- Go to Modeling > Manage roles
- Create security roles
- Define DAX filter expressions
- Publish the report
Testing RLS
To test if RLS is working:
- In Power BI Desktop, use View as role
- In AtlasData, access as a restricted user
- Verify that data is filtered correctly
Best Practices
- Use
USERPRINCIPALNAME()to filter by email - Test all roles before publishing
- Document security rules