Microsoft rolled out a new embedding feature for Power BI content. Next to the already known features as Embed in SharePoint Online, Publish to Web and Power BI Embedded, there is a new feature available now! Power BI Secure Embedding allows you to embed your content to client applications or sites while maintaining all security in your reports. In this blog I will write down a short summary of all available embed features available in Power BI.
Power BI Publish to web
We probably all know the Publish to web feature in the Power BI Service, which allows you to embed your content to any client application or site. This really easy feature allows you to share your content without any security in between. But by-passing the security is directly the biggest risk as well! Simply because all your data will be public, so this can be a huge security breach!
You really have to think about what you are doing before using this feature. Besides that, this feature can be disabled on tenant level for you to prevent for data breaches. The all new secure embedding can be a better option for the purpose of sharing where you are looking for. Read on to find out more about this new feature.
Publish to web allows users without a Power BI license to view the content as well. Simply because all security is removed from the content and the URL is public, everybody can see it.
Read all about the dangers of publish to web in this ModernData.ai blog by Dave Ruijter.
Embed in SharePoint Online
Next to the publish to web feature, there is a feature which allows you to embed your Power BI report within the same Office365 tenant in SharePoint Online. This is a great way of embedding your reports in a portal or some other cool SharePoint stuff. Because Power BI, SharePoint and all other Office365 services are using the same accounts, things like row-level-security will still work.
One disadvantage of this way of embedding, is that you have to grant permission to the SharePoint site and the Power BI content separately. So, you have to take multiple steps to grant access to a user. To make this work automatically, you can use Active Directory groups, which are used for SharePoint Access and for Power BI access both. In that case you only have to add the right users to the AD group to grant access on all levels.
On license side, you have to make sure that every user who has access, does have a Power BI Pro license as well. Another option could be a Power BI Premium view-only consumer license.
Read all about SharePoint Embedding in Reza Rad his blog here.
Power BI Embedded
Embedded is a separate service offered by Microsoft. Using Power BI Embedded is not directly related to the Power BI Service and is way more complex than all other mentioned options. Power BI Embedded is based on the Power BI REST API to embed your content in any application.
While embedding has a dependency on the Power BI service, there is not a dependency on Power BI for your customers. With Power BI Embedded the report consumers doesn’t have to know anything about Power BI. You can fully integrate your analytics into your application without even seeing that it is using Power BI. By using Power BI Embedded, you are also moving the security layer through your custom application or portal where the content is embedded. With that, your Power BI architecture will look way different, like shown below.
For creating embedded content, you only need one Power BI Pro license to create the embedded application. Afterwards there are two license options. First you can use Power BI Premium capacity. Besides that, you can also use Azure SKUs for embedding capacity.
Want to know more about Power BI Embedded? Read all about it in this documentation.
In the end of 2018 Microsoft announced a great new feature which allows you to secure embed Power BI content to client applications or sites and keep security still in place. Actually, it almost works the same as the publish to web feature, but then users have to log-in in the embedded frame before they see the content.
Not only to the security to access the report is in place now, also all other security features will still work. This means that Row Level Security can be still in place in case when you are using secure embedding. A lot of people online are really enthusiastic about the new features. Simply because it gives you the ability to embed your content on your website, web portal or wherever you want, without risking security issues.
Besides that, the new embedding feature allows you to pass filters though the report by URL as well. Not much people know about this feature, but it is possible to add filters to your report, by passing them in the URL. This functionality will also work with Secure Embedding. With that, you can create buttons or any other kind of interaction in your portal to dynamically switch your Power BI content.
As an end-user you actually need a Power BI license to view the embedded content in this case. Simply because you have to login to the Power BI Service (like shown above), you need to authenticate with you Power BI account. So, every user needs to have a Power BI Pro license, or a view-only end user license on premium capacity.
Read all details about the Secure Embedding in this Microsoft Blog by Lukasz Pawlowski.
The roll-out of Secure embedding started on the 9th of January 2019, so if you don’t see it yet, be patient!