This repository is simple example of hosting/embedding a Row Level Security enabled Power BI report within a web application for the purpose of multi-tenant access.
- Create a App Registration
- Set to multi-tenant
- Enable id_tokens for a web platform
- Add service principal access as member/contributor to Workspace with embedded report
- Enable service principals accessing Fabric APIs
- Deploy Web App, configure settings
//TODO: add screenshots
- App Service
- Storage Account
- Power BI A SKU
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "company.onmicrosoft.com",
"TenantId": "Common",
"ClientId": "", //guid of the application registration
"CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout-callback-oidc",
"ScopeBase": [ "https://analysis.windows.net/powerbi/api/.default" ],
"ClientSecret": "" //client secret created
},
"PowerBI": {
"TenantId": "", //Entra ID tenant ID
"WorkspaceId": "", //PBI Workspace ID
"ReportId": "", //PBI Report ID
"Role": "Sample"
},
"ApprovedDomains": {
"AzureStorageConnectionString": "", //connection string where we host our approved domains list
"Container": "control",
"BlobName": "domains.csv"
},