Редагувати

Поділитися через


Manage semantic model access permissions (preview)

The semantic model manage permissions page enables you to monitor and manage access to your semantic model. It has two tabs that help you control access to your semantic model:

  • Direct access: Enables you to monitor, add, modify, or delete access permissions for specific people or groups (distribution groups or security groups).
  • Shared report links: Shows you links that were generated for sharing reports. Such links sometimes also give access to your semantic model. On this tab you can review them and remove them if necessary.

This document explains how to use the semantic model manage permissions page.

Note

In order to be able to access a semantic model's manage permissions page, you must have an Admin or Member role in the workspace where the semantic model is located.

Open the semantic model manage permissions page

To open the semantic model manage permissions page:

  • From the OneLake data hub or from the workspace for the semantic model: Select Manage permissions from the More options (…) menu available next to the semantic model name in the list.

    Screenshot of menu command to open the semantic model manage permissions page from the list of items in a workspace or the OneLake data hub.

  • From the semantic model details page: Select the Share icon on the action bar at the top of the page and choose Manage permissions.

    Screenshot of menu command to open the semantic model manage permissions page from the semantic model info page.

These actions open the semantic models manage permissions page. The manage permissions page has two tabs to help you manage semantic model access.

Manage direct access

The direct access tab lists users who have been granted access. For each user, you can see their email address and the permissions they have.

  • To modify a user’s permissions, select More options (…) and choose one of the available options.

    Screenshot of modifying permissions from the direct access tab on the semantic model manage permissions page.

  • To grant semantic model access to another user, select + Add user. The Share semantic model dialog opens.

    Screenshot of granting access permissions from the direct access tab on the semantic model manage permissions page.

Managing permissions granted through an app

Permissions on the semantic model granted through an app are indicated by the word "App" followed by the permissions enclosed in parentheses, as shown in the following image:

Screenshot of app permissions on semantic models Direct access tab.

You can't modify permissions granted through an app directly from the Direct access tab. You must first remove them from the app configuration. To remove such permissions:

  1. Edit the app and unselect the relevant permissions on the Permissions tab of the app's configuration settings.

  2. Republish the app.

  3. Go to the Direct access tab of the semantic model's manage semantic model permissions page as described in Manage direct access. The user still has the permissions granted via the app before update, but now they're not tied to the app (note that the parentheses are gone). Now you can remove whatever permissions you desire.

    Screenshot of editing former app permissions.

The shared report links tab lists links that have been created to shared reports that are based on your semantic model. Such links might also grant access to the report’s underlying semantic model, and so these links are listed here. You can see what permissions the link carries and who created the link. You can also delete the link from the system if you so desire.

Warning

Deleting a link removes it from the system. Users who use the link to access a report may lose access to that report.

Screenshot of shared report links tab on the semantic model manage permissions page.