{"id":50497,"date":"2023-08-18T09:30:42","date_gmt":"2023-08-18T07:30:42","guid":{"rendered":"https:\/\/www.cubeserv.com\/authorizations-in-power-bi-in-interaction-with-sap-bw\/"},"modified":"2023-11-11T15:15:39","modified_gmt":"2023-11-11T14:15:39","slug":"authorizations-in-power-bi-in-interaction-with-sap-bw","status":"publish","type":"post","link":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/","title":{"rendered":"Authorizations in Power BI &#8211; in interaction with SAP BW"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"50497\" class=\"elementor elementor-50497 elementor-48570\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-bccbcdf elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"bccbcdf\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5606f5b\" data-id=\"5606f5b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-45cad78 elementor-widget elementor-widget-heading\" data-id=\"45cad78\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Time of changes<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b89297f elementor-widget elementor-widget-text-editor\" data-id=\"b89297f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Rising interest rates, new regulatory requirements, problems in supply chains &#8211; more than ever, companies are facing the challenge of being able to quickly assess the impact of new situations and initiate appropriate measures if necessary. Against this backdrop, the IT infrastructure is being rethought in many places and requirements are being redefined. The focus is on greater flexibility, faster access times, less coordination effort, and dependencies. In addition to conceptual considerations (see also the blog entry on the topic of &#8220;<a href=\"https:\/\/www.cubeserv.com\/en\/support-bi-self-service-implement-the-data-mesh-concept\/\">Data Mesh<\/a>&#8220;), new data modeling and reporting tools such as Microsoft&#8217;s Data Factory, Analysis Services, and Power BI are also being evaluated.<\/p>\n<p>When selecting new tools, the question quickly arises as to whether and to what extent existing data models and authorization logic can be integrated. As a rule, a lot of money, time, and nerves have already been invested in this. A complete rebuild should therefore be avoided.<\/p>\n<p>Today&#8217;s blog entry is dedicated to the topic of &#8220;Authorizations in Power BI &#8211; in interaction with SAP BW&#8221;. First, the most important elements of the Power BI authorization concept are outlined. Then we will show you a way to dynamically transfer existing BW analysis authorizations to Power BI &#8211; to avoid time-consuming and costly redefinitions.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8f0cd53 elementor-widget elementor-widget-heading\" data-id=\"8f0cd53\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">The Power BI authorization concept<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9a8bf22 elementor-widget elementor-widget-text-editor\" data-id=\"9a8bf22\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tIn Power BI, a distinction can be made between function and data authorizations, similar to SAP BW. Function authorizations define the objects (queries, data pools, etc.) to which a user is authorized. Data authorizations, on the other hand, restrict the set of values to be displayed (according to a user&#8217;s operational function).\r\n\r\nIn Power BI, the objects to be authorized are called &#8220;artifacts&#8221;. The most important are Datasets, reports, workspaces, dashboards, and apps. The authorized users and the scope of functions (e.g. with regard to reading\/editing) can be defined individually for each element. However, the definition can also be made at a global level, e.g. via workspaces. The authorizations are then inherited by the underlying objects.\r\n\r\nThe assignment of function authorizations therefore requires precise knowledge of the relationship structure between individual artifacts. On the other hand, different functions and authorization-related setting options are associated with each artifact. The following table provides an overview of these issues.\r\n<div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-e007b9b e-flex e-con-boxed e-con e-parent\" data-id=\"e007b9b\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4f300dc e-con-full e-flex e-con e-parent\" data-id=\"4f300dc\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-54a74df elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"54a74df\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Artifact<br><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d519cc elementor-widget elementor-widget-text-editor\" data-id=\"7d519cc\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Areas of work<\/p>\n<p><span style=\"color: var( --e-global-color-text );\">\u00a0<\/span><\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4d1dfec elementor-widget elementor-widget-image\" data-id=\"4d1dfec\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Arbeitsbereiche.png\" title=\"Arbeitsbereiche\" alt=\"Arbeitsbereiche\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-fef0a39 e-con-full e-flex e-con e-parent\" data-id=\"fef0a39\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-2b4c153 elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"2b4c153\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Content description<br><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aa7b48f elementor-widget elementor-widget-text-editor\" data-id=\"aa7b48f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Containers for combining logically related elements, from data sources (datasets) to reports, dashboards, and apps. Bundle the other artifacts in a common area. Roughly comparable to an info area in SAP BW.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-df60aeb e-con-full e-flex e-con e-parent\" data-id=\"df60aeb\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-62a4d02 elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"62a4d02\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Relation to other artifacts<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2c051f2 elementor-widget elementor-widget-text-editor\" data-id=\"2c051f2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>May contain N other artifacts<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b87d2de elementor-widget elementor-widget-image\" data-id=\"b87d2de\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Arbeitsbereiche_Artefakt.png\" title=\"Arbeitsbereiche_Artefakt\" alt=\"Arbeitsbereiche_Artefakt\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-df98d09 e-con-full e-flex e-con e-parent\" data-id=\"df98d09\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-26a7968 elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"26a7968\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Authorization setting<br><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-859518f elementor-widget elementor-widget-text-editor\" data-id=\"859518f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>At this level, Azure Active Directory users (or user groups) can be assigned a workspace role. These are already predefined and include: Administrators, Members, Contributors and Readers. The role assignment has a direct impact on the creation, release and modification authorization of datasets, reports, dashboards and apps.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-922abb2 e-flex e-con-boxed e-con e-parent\" data-id=\"922abb2\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9c1469c elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"9c1469c\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-eea8f98 e-flex e-con-boxed e-con e-parent\" data-id=\"eea8f98\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-cf30b0e e-con-full e-flex e-con e-parent\" data-id=\"cf30b0e\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9c5bc59 elementor-widget elementor-widget-text-editor\" data-id=\"9c5bc59\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Datasets<\/p>\n<p>\u00a0<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0c4ac01 elementor-widget elementor-widget-image\" data-id=\"0c4ac01\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/elementor\/thumbs\/Datasets-qbppndk3awxrx05k6z4ols10vcv3vz6sr3jwp73z7k.png\" title=\"Datasets\" alt=\"Datasets\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-5c00ef9 e-con-full e-flex e-con e-parent\" data-id=\"5c00ef9\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4de578a elementor-widget elementor-widget-text-editor\" data-id=\"4de578a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Container for one or more data sources. The data can be available both physically and virtually &#8211; depending on the type of access (import or live connection). Provide the basis for reports.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-f9e961e e-con-full e-flex e-con e-parent\" data-id=\"f9e961e\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-883684a elementor-widget elementor-widget-text-editor\" data-id=\"883684a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>Belongs to 1:N workspaces<\/li>\n<li>Can be used in 0:N reports, dashboards, and apps<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7f8977a elementor-widget elementor-widget-image\" data-id=\"7f8977a\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Datasets_artefakt.png\" title=\"Datasets_artefakt\" alt=\"Datasets_artefakt\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-34277b8 e-con-full e-flex e-con e-parent\" data-id=\"34277b8\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c39fc03 elementor-widget elementor-widget-text-editor\" data-id=\"c39fc03\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The authorizations for datasets can be assigned in two ways: via the assignment of a workspace role (at the workspace level) or at the level of the respective dataset. The authorizations relate to changing, releasing, and creating content based on the dataset. In the case of role assignment, the specific authorizations are implicitly derived from the role (role-specific gradations). If a user is assigned directly, however, the scope of authorization can be defined individually.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-53621c2 e-flex e-con-boxed e-con e-parent\" data-id=\"53621c2\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b898146 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"b898146\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-95aa2f9 e-flex e-con-boxed e-con e-parent\" data-id=\"95aa2f9\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4c66bad e-con-full e-flex e-con e-parent\" data-id=\"4c66bad\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7338e75 elementor-widget elementor-widget-text-editor\" data-id=\"7338e75\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Reports<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aff9b32 elementor-widget elementor-widget-image\" data-id=\"aff9b32\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Berichte.png\" title=\"Berichte\" alt=\"Berichte\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-f4b0ac5 e-con-full e-flex e-con e-parent\" data-id=\"f4b0ac5\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-55bdba1 elementor-widget elementor-widget-text-editor\" data-id=\"55bdba1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Tabular and\/or graphical representation of the contents of a dataset. Can be created and modified via Power BI Desktop as well as via Power BI Service (Web). Enables self-service functionality for end users.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-fa1cd8b e-con-full e-flex e-con e-parent\" data-id=\"fa1cd8b\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-725529b elementor-widget elementor-widget-text-editor\" data-id=\"725529b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>Belongs to 1 workspace<\/li>\n<li>Based on 1 dataset<\/li>\n<li>Can be used in 0:N dashboards and apps of the same workspace<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-72c29ff elementor-widget elementor-widget-image\" data-id=\"72c29ff\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Berichte_artefakt.png\" title=\"Berichte_artefakt\" alt=\"Berichte_artefakt\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-dee255b e-con-full e-flex e-con e-parent\" data-id=\"dee255b\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b37bc43 elementor-widget elementor-widget-text-editor\" data-id=\"b37bc43\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Similar to datasets, the authorizations for calling up and creating reports can be assigned in two ways. Via the assignment of a workspace role or the direct assignment of a user to a report. The authorizations can include, on the one hand, the release of the report (granting read authorization for other users) and, on the other hand, the authorization to create content (build option). This authorizes other users to build their own reports based on the underlying dataset.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-11b208f e-flex e-con-boxed e-con e-parent\" data-id=\"11b208f\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0bc6d10 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"0bc6d10\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d89c2c3 e-flex e-con-boxed e-con e-parent\" data-id=\"d89c2c3\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4372d7c e-con-full e-flex e-con e-parent\" data-id=\"4372d7c\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-44b1e5b elementor-widget elementor-widget-text-editor\" data-id=\"44b1e5b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Dashboards<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d2622b elementor-widget elementor-widget-image\" data-id=\"5d2622b\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Dahboard.png\" title=\"Dahboard\" alt=\"Dahboard\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6811fae e-con-full e-flex e-con e-parent\" data-id=\"6811fae\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-14f96a4 elementor-widget elementor-widget-text-editor\" data-id=\"14f96a4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Summary of content from different reports and datasets. The home page can contain any number of tiles and widgets that can be used for detailed navigation.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-c568a63 e-con-full e-flex e-con e-parent\" data-id=\"c568a63\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0c8d424 elementor-widget elementor-widget-text-editor\" data-id=\"0c8d424\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>Belongs to 1 workspace<\/li>\n<li>Obtains the data from 0:N reports and datasets<\/li>\n<li>Can be used in 0:N apps of the same workspace<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c7eef21 elementor-widget elementor-widget-image\" data-id=\"c7eef21\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Dashboard-Artefakte.png\" title=\"Dashboard Artefakte\" alt=\"Dashboard Artefakte\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-72be237 e-con-full e-flex e-con e-parent\" data-id=\"72be237\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-18837d5 elementor-widget elementor-widget-text-editor\" data-id=\"18837d5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In contrast to the other artifacts (datasets, reports, and dashboards), apps are equipped with an additional authorization layer. As with the other artifacts, permissions can initially be inherited via the workspace role or assigned directly. However, direct assignment offers additional functions. Individual user groups can be defined at this point. Here, access to the underlying reports &amp; dashboards can be set for specific user groups. Due to this feature, it is recommended to always distribute dashboards and reports via apps.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-fedb545 e-flex e-con-boxed e-con e-parent\" data-id=\"fedb545\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-a41ff99 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"a41ff99\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-f9ce575 e-flex e-con-boxed e-con e-parent\" data-id=\"f9ce575\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-1fbb845 e-con-full e-flex e-con e-parent\" data-id=\"1fbb845\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-36ba9fa elementor-widget elementor-widget-text-editor\" data-id=\"36ba9fa\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Apps<\/p>\n<p>\u00a0<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1d80a06 elementor-widget elementor-widget-image\" data-id=\"1d80a06\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/aPPS.png\" title=\"aPPS\" alt=\"aPPS\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-1b0eba6 e-con-full e-flex e-con e-parent\" data-id=\"1b0eba6\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-84f8230 elementor-widget elementor-widget-text-editor\" data-id=\"84f8230\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Summary of content from different reports and datasets. The home page can contain any number of tiles and widgets that can be used for detailed navigation.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-390595a e-con-full e-flex e-con e-parent\" data-id=\"390595a\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e5ea960 elementor-widget elementor-widget-text-editor\" data-id=\"e5ea960\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul>\n<li>Are created based on 1 workspace<\/li>\n<li>Include data from 0:N reports, datasets, and dashboards of the same workspace<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-50c9a51 elementor-widget elementor-widget-image\" data-id=\"50c9a51\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Apps-Artefakt.png\" title=\"Apps-Artefakt\" alt=\"Apps-Artefakt\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-0be3597 e-con-full e-flex e-con e-parent\" data-id=\"0be3597\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-704efe5 elementor-widget elementor-widget-text-editor\" data-id=\"704efe5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In contrast to the other artifacts (datasets, reports, and dashboards), apps are equipped with an additional authorization layer. As with the other artifacts, permissions can initially be inherited via the workspace role or assigned directly. However, direct assignment offers additional functions. Individual user groups can be defined at this point. Here, access to the underlying reports &amp; dashboards can be set for specific user groups. Due to this feature, it is recommended to always distribute dashboards and reports via apps.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0cd852c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"0cd852c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-cadce0e\" data-id=\"cadce0e\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7979000 elementor-widget elementor-widget-text-editor\" data-id=\"7979000\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Now that an overview of functional authorizations has been provided, we will turn our attention to data authorizations in the following section. We will also look at the dynamic integration of SAP analysis authorizations in Power BI.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-289952c elementor-widget elementor-widget-heading\" data-id=\"289952c\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Mapping of data authorizations via Row-Level-Security (RLS)<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6c0e51e elementor-widget elementor-widget-text-editor\" data-id=\"6c0e51e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">In Power BI, data authorizations are mapped using the so-called &#8220;Row-Level-Security&#8221; approach. It enables the definition of individual data roles in which the authorized data volume can be restricted via DAX statements. The restrictions can relate to all characteristic fields of the underlying data sources. Calculated tables that represent a view of another table can also be used as the basis for authorization &#8211; this is particularly interesting for the so-called dynamic RLS (more on this later).<br \/>\n<span style=\"color: var( --e-global-color-text );\"><br \/>\n<\/span>The following illustration shows a simple example of a role definition for restricting the amount of data:<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-922d6b5 elementor-widget elementor-widget-image\" data-id=\"922d6b5\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"690\" height=\"417\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-PowerBI.png\" class=\"attachment-large size-large wp-image-48616\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-PowerBI.png 690w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-PowerBI-300x181.png 300w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bd388d6 elementor-widget elementor-widget-text-editor\" data-id=\"bd388d6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">In this case, the reporting model only consists of one data source (headcount). A Dax filter is used to restrict the characteristics &#8220;Business unit&#8221; and &#8220;Country&#8221; to the characteristics to be authorized.<\/p>\n<p class=\"MsoNormal\">While the roles are defined within &#8220;Power BI Desktop&#8221;, the user or user group assignment is carried out in &#8220;Power BI Service&#8221;. The published dataset has the option &#8220;Security at row level&#8221; for this purpose. The corresponding users can be assigned here:<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9938fdb elementor-widget elementor-widget-image\" data-id=\"9938fdb\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"690\" height=\"254\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS2.png\" class=\"attachment-large size-large wp-image-48619\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS2.png 690w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS2-300x110.png 300w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-993650f elementor-widget elementor-widget-text-editor\" data-id=\"993650f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">Without a corresponding assignment, an error message is displayed to users with read authorization.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bd65529 elementor-widget elementor-widget-image\" data-id=\"bd65529\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"651\" height=\"36\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Error.png\" class=\"attachment-large size-large wp-image-48622\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Error.png 651w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Error-300x17.png 300w\" sizes=\"(max-width: 651px) 100vw, 651px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-66f4326 elementor-widget elementor-widget-text-editor\" data-id=\"66f4326\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">Attention: Security at the line level does not apply if the users are assigned one of the above-mentioned workspace roles (administrator, member, or contributor). These roles should therefore be assigned with great care and only to power users.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a246748 elementor-widget elementor-widget-heading\" data-id=\"a246748\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Static vs. dynamic Row Level Security<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fb2fc24 elementor-widget elementor-widget-text-editor\" data-id=\"fb2fc24\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">In the example shown at the beginning, RLS was mapped using the static method. This should be avoided in practice for the following reasons:<\/p>\n<ul>\n<li class=\"MsoNormal\">High implementation and maintenance effort: existing analysis authorizations (in SAP BW) would have to be recreated manually. Depending on the number of authorization-relevant objects and characteristic values to be authorized, maintenance via DAX formulas quickly becomes confusing and difficult to manage.<\/li>\n<li class=\"MsoNormal\">The roles are defined for each Power BI report. They can neither be maintained globally (i.e. across reports) nor transported.<\/li>\n<\/ul>\n<p class=\"MsoNormal\">Due to these limitations, it is advisable to map authorizations using the dynamic RLS approach.<\/p>\n<p>Dynamic RLS is characterized by the fact that the authorized values are kept in a separate table for each user. The DAX function &#8220;USERPRINCIPALNAME&#8221; is used to determine the user when a report is called up and the data is filtered according to the authorization table. This offers the great advantage that the maintenance effort within the data roles is reduced to a few statements:<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d6821ec elementor-widget elementor-widget-image\" data-id=\"d6821ec\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"690\" height=\"419\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/dyn_rls.png\" class=\"attachment-large size-large wp-image-48625\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/dyn_rls.png 690w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/dyn_rls-300x182.png 300w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5837348 elementor-widget elementor-widget-text-editor\" data-id=\"5837348\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">The authorization table is linked to the data table (here &#8220;Headcount&#8221;) via &#8220;Relationships&#8221;. Filtering the authorization table thus automatically filters the data accordingly. Depending on the complexity of the data model, however, it may be necessary to create additional authorization tables. As a rule, 3 additional tables are required for each authorization-relevant characteristic &#8211; but these can be created relatively quickly within Power BI Desktop or Analysis Services. A concrete example is described in the following section.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7fa7e9e elementor-widget elementor-widget-heading\" data-id=\"7fa7e9e\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Exemplary implementation of the integration of SAP BW analysis authorizations in Power BI via dynamic RLS<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8bb7c7f elementor-widget elementor-widget-text-editor\" data-id=\"8bb7c7f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">The starting point of the example is a simplified BW data model. This is outlined in the following figure (left). It consists of a composite provider that contains headcount data (heads, FTE, employees, organizational units, etc.). The characteristics &#8220;country&#8221; and &#8220;business unit&#8221; are marked as authorization-relevant. The authorizations are managed via function and data roles, whereby the data role contains a reference to the analysis authorizations. The permitted values of the two characteristics are stored here.<\/p>\n<p class=\"MsoNormal\">To implement the dynamic RLS approach in Power BI, a table is required at this point that contains the authorized values for each user and authorization-relevant characteristics. This list can be generated using a corresponding ABAP program.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-81f4967 elementor-widget elementor-widget-image\" data-id=\"81f4967\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"484\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW-1024x484.png\" class=\"attachment-large size-large wp-image-48628\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW-1024x484.png 1024w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW-300x142.png 300w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW-768x363.png 768w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW-1536x726.png 1536w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/SAPBW.png 1581w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-77cb65b elementor-widget elementor-widget-text-editor\" data-id=\"77cb65b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">Next, the Power BI model can be created in Power BI Desktop on this basis. Depending on the connection variant (import\/direct query), either the metadata or the complete table content is loaded into the model (for more details, see the following <a href=\"https:\/\/www.cubeserv.com\/en\/microsoft-power-bi-reporting-with-data-from-sap-bw\/\">blog entr<\/a>y). In this context, however, it should be noted that table relationships and roles cannot be created in Power BI for every connection variant. Here is an overview of this:<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6498ceb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6498ceb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2db33fb\" data-id=\"2db33fb\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cfed91f e-flex e-con-boxed e-con e-parent\" data-id=\"cfed91f\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-1685b03 e-con-full e-flex e-con e-parent\" data-id=\"1685b03\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-807ce2b elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"807ce2b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Variant<br><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-bcc37e1 e-con-full e-flex e-con e-parent\" data-id=\"bcc37e1\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-870f02d elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"870f02d\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-medium\">Dynamic RLS supported<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d1efb0f e-flex e-con-boxed e-con e-parent\" data-id=\"d1efb0f\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-694d5d6 e-con-full e-flex e-con e-parent\" data-id=\"694d5d6\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5a4a16d elementor-widget elementor-widget-text-editor\" data-id=\"5a4a16d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Power BI Desktop (Direct Query)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-9731920 e-con-full e-flex e-con e-parent\" data-id=\"9731920\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9dec62c elementor-widget elementor-widget-image\" data-id=\"9dec62c\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"57\" height=\"61\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/No.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48631\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-f90c9ad e-flex e-con-boxed e-con e-parent\" data-id=\"f90c9ad\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-ca2df9c e-con-full e-flex e-con e-parent\" data-id=\"ca2df9c\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-bcbe6d1 elementor-widget elementor-widget-text-editor\" data-id=\"bcbe6d1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Power BI Desktop (Import)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-117754c e-con-full e-flex e-con e-parent\" data-id=\"117754c\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-1601e57 elementor-widget elementor-widget-image\" data-id=\"1601e57\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"58\" height=\"62\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Yes.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48634\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-67a48d2 e-flex e-con-boxed e-con e-parent\" data-id=\"67a48d2\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-c9a413b e-con-full e-flex e-con e-parent\" data-id=\"c9a413b\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-15786d7 elementor-widget elementor-widget-text-editor\" data-id=\"15786d7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Microsoft SQL Database -&gt; Power BI Desktop (Import)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-2d80d7e e-con-full e-flex e-con e-parent\" data-id=\"2d80d7e\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-919e675 elementor-widget elementor-widget-image\" data-id=\"919e675\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"58\" height=\"62\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Yes.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48634\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-2c83c27 e-flex e-con-boxed e-con e-parent\" data-id=\"2c83c27\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-7a068d0 e-con-full e-flex e-con e-parent\" data-id=\"7a068d0\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-193c6c9 elementor-widget elementor-widget-text-editor\" data-id=\"193c6c9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Microsoft SQL Database -&gt; Power BI Desktop (Live)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-16c5e2e e-con-full e-flex e-con e-parent\" data-id=\"16c5e2e\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7749acf elementor-widget elementor-widget-image\" data-id=\"7749acf\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"58\" height=\"62\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Yes.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48634\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ee06b68 e-flex e-con-boxed e-con e-parent\" data-id=\"ee06b68\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4da5bc0 e-con-full e-flex e-con e-parent\" data-id=\"4da5bc0\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0bf37f5 elementor-widget elementor-widget-text-editor\" data-id=\"0bf37f5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Microsoft SQL Database -&gt; MS Analysis Services (Import)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-e9d3c35 e-con-full e-flex e-con e-parent\" data-id=\"e9d3c35\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6b5d3b1 elementor-widget elementor-widget-image\" data-id=\"6b5d3b1\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"58\" height=\"62\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/Yes.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48634\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-9a9a87a e-flex e-con-boxed e-con e-parent\" data-id=\"9a9a87a\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-26afbd5 e-con-full e-flex e-con e-parent\" data-id=\"26afbd5\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0646757 elementor-widget elementor-widget-text-editor\" data-id=\"0646757\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAP BW -&gt; Microsoft SQL Database -&gt; MS Analysis Services (Live)<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6e64969 e-con-full e-flex e-con e-parent\" data-id=\"6e64969\" data-element_type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-39e7a2a elementor-widget elementor-widget-image\" data-id=\"39e7a2a\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"57\" height=\"61\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/No.png\" class=\"attachment-thumbnail size-thumbnail wp-image-48631\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8ac79a3 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8ac79a3\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-38d691c\" data-id=\"38d691c\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-94a4c93 elementor-widget elementor-widget-text-editor\" data-id=\"94a4c93\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">Once a suitable connection variant has been selected and the BW tables have been loaded into the model, the next step is to create a &#8220;security&#8221; table for each authorization-relevant feature. The data is later filtered using these when the reports are called up. The following figure shows an example of this.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-52dfc2c elementor-widget elementor-widget-image\" data-id=\"52dfc2c\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"690\" height=\"384\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Model.png\" class=\"attachment-1536x1536 size-1536x1536 wp-image-48637\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Model.png 690w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/RLS-Model-300x167.png 300w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ac278b elementor-widget elementor-widget-text-editor\" data-id=\"6ac278b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">Once the tables have been created, they must be set in relation to each other as shown above. The direction of the arrow indicates the filter direction that is used for row-level security. As soon as the relationships have been created, the Power BI role can be created. Only then does dynamic security become active at the row level. The procedure for creating roles has already been described in the two previous sections. In this example, the DAX function &#8220;USERPRINCIPALNAME&#8221; must be entered in the &#8220;Security-User&#8221; tables.<\/p>\n<p>This completes the steps required in Power BI Desktop. Optionally, the report definition can be made at this point (alternatively in Power BI Service). To activate the authorizations or the dynamic RLS procedure, the role assignment to the individual users\/user groups is now required. This is done in the Power BI Service. Below the published dataset, there is the &#8220;Security&#8221; option. The corresponding user assignments must be made here.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-57f06d6 elementor-widget elementor-widget-image\" data-id=\"57f06d6\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"690\" height=\"523\" src=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/PowerBI.png\" class=\"attachment-1536x1536 size-1536x1536 wp-image-48640\" alt=\"\" srcset=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/PowerBI.png 690w, https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/PowerBI-300x227.png 300w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-33d5c5b elementor-widget elementor-widget-heading\" data-id=\"33d5c5b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Summary and Outlook<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f6c437 elementor-widget elementor-widget-text-editor\" data-id=\"3f6c437\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"MsoNormal\">In this blog entry, the Power BI authorization concept was presented. It was shown that a distinction can be made between functional and data-related authorizations. With regard to functional authorizations, the underlying artifacts (workspaces, datasets, reports, dashboards, apps) were explained as well as their relationship structure. An understanding of the relationship structure is a prerequisite for understanding artifact-inherent inheritance logic. In this context, the predefined workspace roles (administrator, member, contributor, and reader) were also discussed, the assignment of which has a major impact on data authorizations &#8211; which is why great care must be taken at this point.<\/p>\n<p class=\"MsoNormal\">With regard to data authorizations, the &#8220;Row-Level-Security&#8221; (RLS) concept of Power BI was presented. The differences between static and dynamic RLS were highlighted and the advantages of the latter method were described. Finally, an application example was used to show that it is possible to automatically transfer SAP BW analysis authorizations to Power BI, thus avoiding the manual reconstruction of authorization logic.<\/p>\n<p class=\"MsoNormal\">Whether the presented concept for mapping SAP BW authorizations is suitable for a company now only depends on the question of whether the definition of authorizations within Power BI Desktop meets the requirements with regard to reusability. As mentioned, there is the restriction that authorizations cannot be transported or used across different systems. The procedure described would therefore have to be repeated from model to model if the business requirements cannot be mapped in one model and several reports have to be created.<\/p>\n<p class=\"MsoNormal\">However, the problem can be solved by defining the model and authorizations not within Power BI Desktop, but in Azure Analysis Services. Analysis Services data models can be consumed in Power BI as an independent data source. Once an authorization model has been built, it can therefore be reused by any number of Power BI reports. If you would like to find out more about this topic, please let us know. We will be happy to advise you.<\/p>\n<div><\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Time of changes Rising interest rates, new regulatory requirements, problems in supply chains &#8211; more than ever, companies are facing the challenge of being able to quickly assess the impact of new situations and initiate appropriate measures if necessary. Against this backdrop, the IT infrastructure is being rethought in many places and requirements are being &#8230; <a title=\"Authorizations in Power BI &#8211; in interaction with SAP BW\" class=\"read-more\" href=\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\" aria-label=\"Read more about Authorizations in Power BI &#8211; in interaction with SAP BW\">Read more<\/a><\/p>\n","protected":false},"author":105,"featured_media":48651,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[508,551,622,552,623],"tags":[624,625,626,634,627,587,636,635,375],"class_list":["post-50497","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-business-analytics","category-front-end","category-microsoft-azure","category-power-bi","category-sap-business-warehouse","tag-azure","tag-azure-analytics","tag-azure-synapse","tag-berechtigungen","tag-data-factory","tag-power-bi","tag-rls","tag-roles","tag-sql"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.7 (Yoast SEO v24.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Authorizations in Power BI - in interaction with SAP BW - CubeServ<\/title>\n<meta name=\"description\" content=\"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authorizations in Power BI - in interaction with SAP BW\" \/>\n<meta property=\"og:description\" content=\"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\" \/>\n<meta property=\"og:site_name\" content=\"CubeServ\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CubeServ\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-18T07:30:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-11-11T14:15:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1282\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Robert Schmidl\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CubeServ\" \/>\n<meta name=\"twitter:site\" content=\"@CubeServ\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Robert Schmidl\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"18 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\"},\"author\":{\"name\":\"Robert Schmidl\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/c8bb675f09215865e0ea2307fda8c06f\"},\"headline\":\"Authorizations in Power BI &#8211; in interaction with SAP BW\",\"datePublished\":\"2023-08-18T07:30:42+00:00\",\"dateModified\":\"2023-11-11T14:15:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\"},\"wordCount\":2306,\"publisher\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg\",\"keywords\":[\"Azure\",\"Azure Analytics\",\"Azure Synapse\",\"Berechtigungen\",\"Data Factory\",\"Power BI\",\"RLS\",\"Roles\",\"SQL\"],\"articleSection\":[\"Business Analytics\",\"Front End\",\"Microsoft Azure\",\"Power BI\",\"SAP Business Warehouse\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\",\"url\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\",\"name\":\"Authorizations in Power BI - in interaction with SAP BW - CubeServ\",\"isPartOf\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg\",\"datePublished\":\"2023-08-18T07:30:42+00:00\",\"dateModified\":\"2023-11-11T14:15:39+00:00\",\"description\":\"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage\",\"url\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg\",\"contentUrl\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg\",\"width\":1920,\"height\":1282},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.cubeserv.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authorizations in Power BI &#8211; in interaction with SAP BW\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#website\",\"url\":\"https:\/\/www.cubeserv.com\/en\/\",\"name\":\"CubeServ\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cubeserv.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#organization\",\"name\":\"CubeServ Group\",\"url\":\"https:\/\/www.cubeserv.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2020\/07\/CubeServ_Web_Logo-768x372-1.png\",\"contentUrl\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2020\/07\/CubeServ_Web_Logo-768x372-1.png\",\"width\":768,\"height\":372,\"caption\":\"CubeServ Group\"},\"image\":{\"@id\":\"https:\/\/www.cubeserv.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/CubeServ\",\"https:\/\/x.com\/CubeServ\",\"https:\/\/www.instagram.com\/cubeservgroup\/\",\"https:\/\/www.linkedin.com\/company\/112961\/\",\"https:\/\/www.youtube.com\/user\/CubeServGroup\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/c8bb675f09215865e0ea2307fda8c06f\",\"name\":\"Robert Schmidl\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2022\/08\/Robert-Schmidl-150x150.jpg\",\"contentUrl\":\"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2022\/08\/Robert-Schmidl-150x150.jpg\",\"caption\":\"Robert Schmidl\"},\"description\":\"SAP BW Architect\",\"url\":\"https:\/\/www.cubeserv.com\/en\/author\/schmidlr\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Authorizations in Power BI - in interaction with SAP BW - CubeServ","description":"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/","og_locale":"en_US","og_type":"article","og_title":"Authorizations in Power BI - in interaction with SAP BW","og_description":"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.","og_url":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/","og_site_name":"CubeServ","article_publisher":"https:\/\/www.facebook.com\/CubeServ","article_published_time":"2023-08-18T07:30:42+00:00","article_modified_time":"2023-11-11T14:15:39+00:00","og_image":[{"width":1920,"height":1282,"url":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg","type":"image\/jpeg"}],"author":"Robert Schmidl","twitter_card":"summary_large_image","twitter_creator":"@CubeServ","twitter_site":"@CubeServ","twitter_misc":{"Written by":"Robert Schmidl","Est. reading time":"18 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#article","isPartOf":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/"},"author":{"name":"Robert Schmidl","@id":"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/c8bb675f09215865e0ea2307fda8c06f"},"headline":"Authorizations in Power BI &#8211; in interaction with SAP BW","datePublished":"2023-08-18T07:30:42+00:00","dateModified":"2023-11-11T14:15:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/"},"wordCount":2306,"publisher":{"@id":"https:\/\/www.cubeserv.com\/en\/#organization"},"image":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg","keywords":["Azure","Azure Analytics","Azure Synapse","Berechtigungen","Data Factory","Power BI","RLS","Roles","SQL"],"articleSection":["Business Analytics","Front End","Microsoft Azure","Power BI","SAP Business Warehouse"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/","url":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/","name":"Authorizations in Power BI - in interaction with SAP BW - CubeServ","isPartOf":{"@id":"https:\/\/www.cubeserv.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage"},"image":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg","datePublished":"2023-08-18T07:30:42+00:00","dateModified":"2023-11-11T14:15:39+00:00","description":"Power BI offers various options for the authorization of users. Dynamic, source data-based RLS in particular enables a wide range of application scenarios.","breadcrumb":{"@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#primaryimage","url":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg","contentUrl":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2023\/08\/digital-marketing-1433427_1920.jpg","width":1920,"height":1282},{"@type":"BreadcrumbList","@id":"https:\/\/www.cubeserv.com\/en\/authorizations-in-power-bi-in-interaction-with-sap-bw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.cubeserv.com\/en\/"},{"@type":"ListItem","position":2,"name":"Authorizations in Power BI &#8211; in interaction with SAP BW"}]},{"@type":"WebSite","@id":"https:\/\/www.cubeserv.com\/en\/#website","url":"https:\/\/www.cubeserv.com\/en\/","name":"CubeServ","description":"","publisher":{"@id":"https:\/\/www.cubeserv.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cubeserv.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cubeserv.com\/en\/#organization","name":"CubeServ Group","url":"https:\/\/www.cubeserv.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cubeserv.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2020\/07\/CubeServ_Web_Logo-768x372-1.png","contentUrl":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2020\/07\/CubeServ_Web_Logo-768x372-1.png","width":768,"height":372,"caption":"CubeServ Group"},"image":{"@id":"https:\/\/www.cubeserv.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/CubeServ","https:\/\/x.com\/CubeServ","https:\/\/www.instagram.com\/cubeservgroup\/","https:\/\/www.linkedin.com\/company\/112961\/","https:\/\/www.youtube.com\/user\/CubeServGroup"]},{"@type":"Person","@id":"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/c8bb675f09215865e0ea2307fda8c06f","name":"Robert Schmidl","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cubeserv.com\/en\/#\/schema\/person\/image\/","url":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2022\/08\/Robert-Schmidl-150x150.jpg","contentUrl":"https:\/\/www.cubeserv.com\/wp-content\/uploads\/2022\/08\/Robert-Schmidl-150x150.jpg","caption":"Robert Schmidl"},"description":"SAP BW Architect","url":"https:\/\/www.cubeserv.com\/en\/author\/schmidlr\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/posts\/50497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/users\/105"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/comments?post=50497"}],"version-history":[{"count":0,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/posts\/50497\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/media\/48651"}],"wp:attachment":[{"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/media?parent=50497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/categories?post=50497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cubeserv.com\/en\/wp-json\/wp\/v2\/tags?post=50497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}