How Power-BI Embedding Works?

Power BI provides us with a super cool and handy ingredient called Power BI embedding. With the help of the embedding feature, one can include their reports and dashboard to their web or mobile application. So that the customers/clients can easily consume insightful reports without having a Power BI account, or you can share the content securely with your team members.

So, in a formal language – Power BI Embedded is a Microsoft Azure service that lets independent software vendors (ISVs) and developers quickly embed visuals, reports, and dashboards into an application.

Now let us understand the different types of embedding provided by the Power BI. Power BI delivers internal and external embedding.

Internal embedding is used when one wants to deliver reports within an organization. It can be achieved using embedding in Teams, SharePoint, or via retrieving an embedding URL that can be added into the ISV’s custom application. This method is a secure way to share the reports, it does not require coding expertise and can be attained in a few clicks. However, the members who want to access the resources should have an organizational Power BI account. Another way to accomplish embedding is via Power BI APIs, and this method requires coding expertise as well as a Power BI account. All of the internal embedding methods is secure because it is secured by organizational Azure AD account.

On the other hand, for external embedding, the consumer of the report does not require a Power BI account. External embedding can be applied by two methods. One by publishing the report to the web which is not a secure way since it will be available to everyone on the internet. The second method is by using the Power BI APIs (leveraging authentication and tokens) that can be shared in a secure way (secured by application authentication) but requires coding knowledge.

Figure – Multiple methods for embedding Power BI content

 

Now, we fairly understand how we can achieve embedding in various ways. Since Power BI embedding is such an advantageous and powerful tool, so let’s understand the mojo behind its working. In this blog, we mainly focus on how embedding works for custom applications also, referred to as third-party embedding.

Whenever the ISV launches an application it calls AZURE AD for an access token to call Power BI service. The master user does this with the help of its azure login. Furthermore, the application calls the Power BI service APIs to retrieve embedding info about a specific resource. This embed URL contains information like report id, workspace id, and application secret hence it only represents a specified report or dashboard. While generating an embed token the master user can assign permissions such as read, edit, and create. Then all this information is passed into the client-side of the application, successively calling for Power BI JavaScript API to embed the Power BI resource. Then the Power BI dynamically generates the iframe and initializes it with the report. That is how a custom application embeds a PowerBI report on a webpage.

Figure – Detailed explanation of how user access the embedded report.

Figure – Overall process of Creating Report and Embedding for your customers with Power BI rest APIs

 

Now, whenever the client tries to view the embedded report via the company’s application, first user is authenticated and authorized by the application. The browser will request for an embed token to call the Power BI service. Since via this method we do not authenticate the user using Azure account, rather we generate a secret token, also known as the embed token, to grant our user access to the Power BI service. Then the master app user is authenticated, which had provided the embed URL during the application’s development. While the consumer is trying to retrieve the report, power BI API calls are made, and the master app user account (which was authenticated earlier) will check if the embed URL provided is correct or not. If the verification is true then the report is fetched to the customer via the power BI. Simultaneously, the ISV’s tenant admin user, the analyst, members and contributors can change or update the reports via their azure login (or Power BI pro license). All the changes made by them will be automatically reflected on the consumer’s portal.

So, even though embedding seems a bit complex, it is a highly appreciated and utilized aspect of Power BI.

 

References
  1. “Planning a Power BI enterprise development” – Melissa Coates (Coates Data Strategies), Chris Webb (Microsoft), Published – May 2020
  2. “Embedding Analytics with Power BI” – Kesem Sharabi, David Coulter, Published – May 2019, URL link: https://docs.microsoft.com/en-us/power-bi/developer/embedded/embedding
  3. “Developing with Power BI Embedding (Part 1)” – Ted Pattison, Published – Aug 2018, URL link: https://community.powerbi.com/t5/Community-Blog/Developing-with-Power-BI-Embedding-Part-1/ba-p/529859