Workspace outbound access protection (OAP) is a workspace-level control in Microsoft Fabric that lets you constrain where the data inside a workspace can flow. With this preview, OAP support now extends to Power BI reports. The good news for report authors and admins: there's nothing new to configure on the report itself. Protection comes from a single, well-defined rule that the workspace enforces automatically as soon as you turn OAP on. Why it matters Power BI reports don't carry their own data connections. They're bound directly to a semantic model. That binding isn’t always obvious when you’re reasoning about data boundaries — a report sitting in a sensitive workspace might bind to a semantic model in another workspace. Such a report mostly retrieves data from its semantic model (an inbound flow), but filter values, such as those specified using query string parameters in the report URL, would flow outbound across the data boundary. Before OAP, a workspace admin had ...
Announcing general availability of org apps in Power BI and Fabric, including one of the most requested capabilities: audiences. Figure: Org apps with audiences for Power BI and Fabric. Org apps with audiences set you up to get the right reporting to the right people, in just the right experience. Curate and distribute reporting at scale across your organization—from leadership and management to frontline teams—while securely and efficiently building app experiences that help everyone find the data they need, understand what matters to them, and make better decisions from branded and customized experiences built for how they work. Why audiences matter to you Figure: One workspace app with audiences vs multiple org apps per workspace. When we introduced audiences to workspace apps, many of you told us: audiences are great, but I need multiple apps per workspace. Then when we introduced org apps as items, you told us: multiple apps per workspace are great, but I need audienc...