Skip to main content

Notifications

Announcements

Forum Structure Changes Coming on 11/8
Give Back to the Community this Month
News and Announcements icon
Dynamics 365 Community / Forums / Business Central forum / Microsoft Business Cen...
Business Central forum
Suggested answer

Microsoft Business Central & Power BI Access Control

(1) ShareShare
ReportReport
Posted on by Romil Jain
In a normal scenario, users are allowed to connect to Business Central Online from Power BI using Get Data.

I want to restrict certain users from connecting to Business Central Online from Power BI.

I am okay to manage the restriction inside Business Central through permission sets or do it from Azure Portal. 

  
Categories:
Business Central
  • Romil Jain Profile Picture
    Romil Jain on at
    Microsoft Business Central & Power BI Access Control
    Hi Danny,

    Could you please help me understand which data entities to Block specifically that will not allow users to connect to Web Services or Advanced APIs created from Power BI. 
    Eg: We have created a Web Service for Warehouse Shipment Header Page. The user inside Business Central needs to access the Warehouse Shipment Header Page to perform his activities. We only showcase a limited no of fields to the user inside Business Central. 

    However, when the user connects the data through Power BI he is able to see other fields which are used for managerial reporting. 

    Let me know in case if there is any specific data entities specific to Power BI.  

    With respect to Conditional Access if you could help me with a bit more detail. We don't have a specific Power BI Application inside Enterprise Application. I am assuming you don't need to create an App Registration to connect Business Central from Power BI. 



     
  • Romil Jain Profile Picture
    Romil Jain on at
    Microsoft Business Central & Power BI Access Control
    Hi Nitin,

    Could you please provide more detail approach while creating the conditional access policy. As per my understanding you cannot specifically select Power BI as a block client app. Let me know in case if i am missing something. 

    Additionally, i would not want these users to connect to Business Central Data from Power BI Online Service as well. 

    However, they should be allowed to access reports shared with them by users who have access to Business Central Data. 


    Looking forward to hearing from you. 

     
  • Suggested answer
    DAnny3211 Profile Picture
    DAnny3211 9,219 Super User 2024 Season 1 on at
    Microsoft Business Central & Power BI Access Control
    hi
     
    To restrict certain users from connecting to Business Central Online from Power BI, you can manage this either through Business Central permission sets or via Azure Portal. Here’s how you can approach both methods:
    Method 1: Using Permission Sets in Business Central
    Create a Custom Permission Set:
    Go to Permission Sets in Business Central.
    Create a new permission set that restricts access to the data entities used by Power BI.
    Ensure that this permission set does not include permissions for the tables and pages that Power BI uses to fetch data.
    Assign the Permission Set to Users:
    Assign the custom permission set to the users you want to restrict.
    Remove any other permission sets that might grant access to the data entities used by Power BI.
    Method 2: Using Azure Portal
    Conditional Access Policies:
    Go to the Azure Active Directory in the Azure Portal.
    Navigate to Security > Conditional Access.
    Create a new policy that targets the users you want to restrict.
    Set the conditions to block access to Business Central from Power BI.
    Application Permissions:
    In the Azure Portal, navigate to Azure Active Directory > Enterprise applications.
    Find the Power BI application.
    Under Permissions, configure the permissions to restrict access to Business Central for specific users or groups.
    Steps for Conditional Access Policy
    Create a New Policy:
    Name your policy (e.g., “Restrict Power BI Access to Business Central”).
    Under Assignments, select the users or groups you want to restrict.
    Cloud Apps or Actions:
    Select Cloud apps and choose Business Central.
    Conditions:
    Configure conditions such as device platforms, locations, or client apps if needed.
    Access Controls:
    Under Grant, select Block access.
    Enable Policy:
    Enable the policy and save it.
    Final Considerations
    Testing: Before applying the restrictions broadly, test the configuration with a few users to ensure it works as expected.
    Documentation: Document the changes made for future reference and for other administrators.
  • Suggested answer
    Nitin Verma Profile Picture
    Nitin Verma 21,027 Super User 2024 Season 1 on at
    Microsoft Business Central & Power BI Access Control
    In that case you can create a Conditional Access policy targeting Business Central, then specify Power BI as a blocked client app. Configure the policy to block access when users attempt to connect to Business Central from Power BI. This will prevent them from using Power BI as a data source while still allowing other applications (like the Business Central Web client) to access it.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Forum Structure Changes Coming on 11/8
Give Back to the Community this Month

Quick Links

Forum Structure Changes Coming on 11/8!

In our never-ending quest to help the Dynamics 365 Community members get answers faster …

Dynamics 365 Community Platform update – Oct 28

Welcome to the next edition of the Community Platform Update. This is a status …

Replay: Dynamics 365 Community Call ERP Edition | October 9, 2024

Another great gathering of our Community!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 290,807 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 229,135 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans