When you enable Microsoft Entra ID single sign-on (SSO) for Starburst (Preview), report viewers querying semantic models in DirectQuery mode authenticate to Starburst with their own Entra ID identity, so Starburst's access policies — including row-level and column-level security rules — are evaluated against the actual end user rather than a fixed connection account.

Two connectors, one to use

The Starburst connectors are built and maintained by Starburst. Two Starburst entries appear in the Power BI Get Data list. The original Starburst connector remains available for existing reports, but the new SSO experience ships in the Starburst secured by Entra ID connector — pick this one for any new report where you want Entra identities to flow end-to-end, as in the following screenshot.

Figure: The Starburst secured by Entra ID connector.

How it works

The Starburst secured by Entra ID connector supports both Import and DirectQuery semantic models through the on-premises d...

Workspace outbound access protection (OAP) is a workspace-level control in Microsoft Fabric that lets you constrain where the data inside a workspace can flow. With this preview, OAP support now extends to Power BI reports. The good news for report authors and admins: there's nothing new to configure on the report itself. Protection comes from a single, well-defined rule that the workspace enforces automatically as soon as you turn OAP on.

Why it matters

Power BI reports don't carry their own data connections. They're bound directly to a semantic model. That binding isn’t always obvious when you’re reasoning about data boundaries — a report sitting in a sensitive workspace might bind to a semantic model in another workspace. Such a report mostly retrieves data from its semantic model (an inbound flow), but filter values, such as those specified using query string parameters in the report URL, would flow outbound across the data boundary. Before OAP, a workspace admin had ...