LiveConnection is a type of connection to a data source. This type of connection does not store a second copy of the data into the memory. Instead, data remains in the data source, and visualizations will continuously query the data source from Power BI.
This is the fastest way to connect Power BI to a source. It also gives extra benefits: your model can be stored in source control, you can use partitioning and scaling on your model, and easily connect tools like Excel to it.
There are 3 flavors:
Therefore, the first option, Azure Analysis services, works best with Power BI and Webdashboard. The on-premise variants will need some extra work.
There is a big technical difference between LiveConnection and Import/DirectQuery. With LiveConnection you connect directly to the Model Structure (dataset) on Analysis Services. You also go through Power BI with the same authorization token. The dataset you see in Power BI, isn’t used at runtime, only at design time.
For both Import and DirectQuery, you always only connect to Power BI, because the Model Structure is located in Power BI.
Webdashboard creates a Publish Account for you which includes a Power BI Pro license. When connecting to your datasets (Model Structure), Webdashboard will use that Publish Account to gain access. This works for Direct Query and Import because the model structure is inside Power BI (see figure on the previous page). In the case of a LiveConnection the Model Structure is located in a different Azure Active Directory. To make this work, 2 steps are needed:
Guests’ accounts can be added through your Azure Portal
Quickstart: Add guest users in the Azure portal – Azure AD | Microsoft Docs
Now your LiveConnection is ready to go.
In a Pro Environment the connection is made through a Service Principal. This can’t be done in a Standard Environment, because a Service Principal can only live in 1 Azure Active Directory Tenant. It’s the most secure way to connect to Power BI Embedded, because no User Account is needed.
For more information please read this: https://docs.microsoft.com/en-us/power-bi/developer/embedded/embed-sample-for-customers?tabs=net-core
Adding Webdashboard to your Pro environment is done with a Service Principal. All you have to do is give this Service Principal Read permissions to your Azure Analysis Server and you are ready to go. Please note that you configure the read permissions in the Tabular model Role. This Role needs to be configured in Webdashboard. For more information: How to: Configure Row Level Security (RLS) – Webdashboard
Normally (for Import and DirectQuery) Webdashboard sends the users email property that is logged in to Webdashboard in the connection to the dataset. In your RLS implementation you can filter your data with the expression USERNAME().
LiveConnection defines it’s RLS roles in Analysis Services and not in Power BI. Next to that, the security is not only checked in Power BI, but also in Analysis Services. Which means that the Username must be an account that has direct access to the Analysis Model.
Solution: Webdashboard sends the Publish Account as the username and the email property of the user through CustomData. Now you can access the email of the logged in user with the DAX expression CUSTOMDATA().
Using row-level security with embedded content in Power BI embedded analytics – Power BI | Microsoft Docs
For more information about configuring this in your environment, refer to this manual:
Analysis Services LiveConnection manual