Skip to main content

Report Keys and Links

Administrator

DataCentral provides flexible mechanisms for sharing and embedding Power BI content outside of the standard user dashboard. Report Keys and Secure Links allow you to grant access to specific reports under controlled conditions.

1. What is a Report Key?

A Report Key is a unique, securely generated token that grants read-only access to a specific Power BI report embedded within DataCentral.

Unlike standard user access (which requires a login and is governed by roles), a Report Key provides direct access to the report.

Common Use Cases for Report Keys

  • Public Dashboards: Embedding a non-sensitive report on a public website or intranet portal where users do not need to authenticate.
  • Digital Signage: Displaying a live dashboard on a TV screen in an office or factory floor.
  • Third-Party Applications: Embedding a report within a custom application where DataCentral handles the Power BI token generation, but the application handles its own user authentication.

2. Generating a Report Key

To create a new Report Key:

  1. Log in as a Tenant Administrator.
  2. Navigate to Administration > Power BI Items.
  3. Locate the report you want to share and click the Keys icon (often represented by a link or key symbol).
  4. Click Generate New Key.
  5. Provide a descriptive name for the key (e.g., "Lobby TV Dashboard").
  6. (Optional) Set an expiration date if the access should be temporary.
  7. Click Save.

The system will generate a unique URL containing the Report Key.

Warning: Anyone with this URL can view the report. Treat Report Keys like passwords for that specific dashboard.

While Report Keys are typically used for live embedding, Secure Links are designed for sharing static exports of data or report pages.

  1. When viewing a report in DataCentral, use the export functionality (e.g., Export to PDF or Excel).
  2. Instead of downloading the file directly, DataCentral can generate a Secure Link to that specific export job.
  3. This link can be emailed or shared via chat.

Secure Links are inherently safer than Report Keys:

  • Authentication Required: By default, clicking a Secure Link requires the user to log in to DataCentral.
  • Authorization Checked: The system verifies that the logged-in user has the necessary roles and RLS permissions to view the exported data. If a user forwards a link to someone without permission, the recipient will be denied access.
  • Time-Limited: Secure Links typically expire after a short period (e.g., 24 hours) or after a certain number of downloads.

4. Managing and Revoking Access

Administrators have full visibility and control over all active Report Keys and Secure Links.

  1. Navigate to Administration > Links & Keys.
  2. You will see a list of all active tokens.
  3. To revoke access, simply locate the key or link and click Delete or Revoke.

Any application or user attempting to use a revoked key will immediately receive an "Access Denied" error.