
I used the article below to embed PowerBI reports into my WebApp, but there is a security issue with this method. End users have access to the AccessToken we provide to the PowerBI API; by having that, they have access to all other stuff on our account!

Is there any way to get the reports on the server side and show them to end users?

Integrate a Power BI tile or report into an app

Saeid

1 Answer

How are you generating the access token?

When I have used the above method that you are referencing, my application is authenticating with Azure AD and I have to specifically SHARE the report/dashboard I want the user to have access to. This means that when the user authenticates they would only ever be able to use the generated access token to see things they already have access to if they went to powerbi.com directly.

I am not sure exactly how you are setting this up, but if you are concerned about them having access to everything else in the account, it would seem to me you are generating this access token with some master user account and not using the logged-in user's credentials to generate the access token from AAD.

If this is what you are doing, you may want to look at the new Power BI Embedded service, as this might be a better direction to go in your scenario. I myself am moving to use the Power BI Embedded service so I do not have to rely on all users who need access to reports having a Power BI account. With this I am also in control of who can see what report without having to specifically share the report through powerbi.com.

Hope this helps.

JustLogic
  • Hi JustLogic. I'm struggling with PowerBI and Azure accounts & APIs. I want to embed some Tiles in my Rails web app, which will be accessible behind my custom user authentication (devise). But it seems each time a user wants to access a Tile he has to authenticate through the Microsoft portal. I want that operation to be server side and hidden from the end user. Do you think the Power BI Embedded service is good for me? – fro_oo Sep 30 '16 at 08:33
  • @fro_oo If you use Power BI Embedded it would eliminate your authentication issues because you will be given access keys to view the collection of reports. This means in your app you would need to make the determination who can see what. The only thing I am not sure of is being able to view "Tiles." I have only ever had the need to display a full report. – JustLogic Sep 30 '16 at 12:19
  • Okay, thank you. This is a good set for my sail... I was struggling with too much information & walkthrough. – fro_oo Sep 30 '16 at 14:50
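
The scoping idea discussed in this thread, as an added example that is not code from the thread and not the Power BI or Power BI Embedded API: the server keeps the account-wide credential, checks its own access list, and hands the browser only a short-lived token bound to one report. The key, the ACL, the claim names and the function names are all hypothetical.

```python
import base64, hashlib, hmac, json, time

# Constructed sample data; names are hypothetical, not Power BI identifiers.
SIGNING_KEY = b"server-side-secret-never-sent-to-browser"
REPORT_ACL = {"alice": {"sales-report"}, "bob": {"sales-report", "hr-report"}}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(body: str) -> str:
    return _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())

def mint_embed_token(user, report_id, now=None, ttl=300):
    """Return a token valid for one report, or None if the app's ACL denies it."""
    if report_id not in REPORT_ACL.get(user, set()):
        return None  # the application, not the browser, decides who sees what
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "rid": report_id, "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_sign(body)}"

def check_embed_token(token, report_id, now=None):
    """Accept the token only for the report it was minted for, before expiry."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body)):
            return False  # tampered or signed with another key
        claims = json.loads(_unb64(body))
        return claims["rid"] == report_id and now < claims["exp"]
    except (ValueError, TypeError, KeyError, AttributeError):
        return False  # malformed token
```

A token leaked from the browser is then useful only for that one report and only until it expires, unlike an account-wide access token.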