Skip to main content

Notifications

Announcements

No record found.

Small and medium business | Business Central, N...
Suggested answer

Microsoft Business Central & Power BI Access Control

(1) ShareShare
ReportReport
Posted on by 4
In a normal scenario, users are allowed to connect to Business Central Online from Power BI using Get Data.

I want to restrict certain users from connecting to Business Central Online from Power BI.

I am okay to manage the restriction inside Business Central through permission sets or do it from Azure Portal. 

  
  • Romil Jain Profile Picture
    Romil Jain 4 on at
    Microsoft Business Central & Power BI Access Control
    Hi Danny,

    Could you please help me understand which data entities to Block specifically that will not allow users to connect to Web Services or Advanced APIs created from Power BI. 
    Eg: We have created a Web Service for Warehouse Shipment Header Page. The user inside Business Central needs to access the Warehouse Shipment Header Page to perform his activities. We only showcase a limited no of fields to the user inside Business Central. 

    However, when the user connects the data through Power BI he is able to see other fields which are used for managerial reporting. 

    Let me know in case if there is any specific data entities specific to Power BI.  

    With respect to Conditional Access if you could help me with a bit more detail. We don't have a specific Power BI Application inside Enterprise Application. I am assuming you don't need to create an App Registration to connect Business Central from Power BI. 



     
  • Romil Jain Profile Picture
    Romil Jain 4 on at
    Microsoft Business Central & Power BI Access Control
    Hi Nitin,

    Could you please provide more detail approach while creating the conditional access policy. As per my understanding you cannot specifically select Power BI as a block client app. Let me know in case if i am missing something. 

    Additionally, i would not want these users to connect to Business Central Data from Power BI Online Service as well. 

    However, they should be allowed to access reports shared with them by users who have access to Business Central Data. 


    Looking forward to hearing from you. 

     
  • Suggested answer
    DAnny3211 Profile Picture
    DAnny3211 9,274 Super User 2024 Season 1 on at
    Microsoft Business Central & Power BI Access Control
    hi
     
    To restrict certain users from connecting to Business Central Online from Power BI, you can manage this either through Business Central permission sets or via Azure Portal. Here’s how you can approach both methods:
    Method 1: Using Permission Sets in Business Central
    Create a Custom Permission Set:
    Go to Permission Sets in Business Central.
    Create a new permission set that restricts access to the data entities used by Power BI.
    Ensure that this permission set does not include permissions for the tables and pages that Power BI uses to fetch data.
    Assign the Permission Set to Users:
    Assign the custom permission set to the users you want to restrict.
    Remove any other permission sets that might grant access to the data entities used by Power BI.
    Method 2: Using Azure Portal
    Conditional Access Policies:
    Go to the Azure Active Directory in the Azure Portal.
    Navigate to Security > Conditional Access.
    Create a new policy that targets the users you want to restrict.
    Set the conditions to block access to Business Central from Power BI.
    Application Permissions:
    In the Azure Portal, navigate to Azure Active Directory > Enterprise applications.
    Find the Power BI application.
    Under Permissions, configure the permissions to restrict access to Business Central for specific users or groups.
    Steps for Conditional Access Policy
    Create a New Policy:
    Name your policy (e.g., “Restrict Power BI Access to Business Central”).
    Under Assignments, select the users or groups you want to restrict.
    Cloud Apps or Actions:
    Select Cloud apps and choose Business Central.
    Conditions:
    Configure conditions such as device platforms, locations, or client apps if needed.
    Access Controls:
    Under Grant, select Block access.
    Enable Policy:
    Enable the policy and save it.
    Final Considerations
    Testing: Before applying the restrictions broadly, test the configuration with a few users to ensure it works as expected.
    Documentation: Document the changes made for future reference and for other administrators.
  • Suggested answer
    Nitin Verma Profile Picture
    Nitin Verma 21,085 Super User 2024 Season 1 on at
    Microsoft Business Central & Power BI Access Control
    In that case you can create a Conditional Access policy targeting Business Central, then specify Power BI as a blocked client app. Configure the policy to block access when users attempt to connect to Business Central from Power BI. This will prevent them from using Power BI as a data source while still allowing other applications (like the Business Central Web client) to access it.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Congratulations to the January Top 10 leaders!

Check out the January community rock stars...

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,234 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 230,994 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans