azure-active-directory powerbi user-management

Separation of internal and external users in Azure AD, but allow all to use Power BI Premium


Currently my team and I have a client that is using Power BI Premium.

We need to have Row Level Security enabled for both internal and external users.

We gave a recommendation to have Azure AD groups handle user management, but the client does not want to have all of their internal and external users be shown in their Azure AD. They believe it will be unmanageable for them. They want us to recommend another way to be able to manage internal users in Azure AD and have all external users managed in Azure AD, but completely separated from internal users, or by some other user management service that Azure provides. All the while remaining in the same tenant, since it seems the Power BI Premium license can only be associated with one tenant, and being able to have Row Level Security implemented for both internal and external users.

Is this possible? If so, how can we do it?

Thank you all for your time and help.


Solution

  • As per Microsoft (https://learn.microsoft.com/en-us/power-bi/admin/service-admin-azure-ad-b2b), as far as I'm aware, the ideal way to share Power BI with external users like that is through Azure B2B, which means you will have them as a guest user in your Azure tenant. The second they are a guest in your tenant, that means they are on the list in your Azure AD Users, which has advantages: their activity is trackable, reportable, etc.

    Our organization has 10s of thousands of user accounts in our Azure AD tenant; it doesn't make it any less manageable. Just use the search bar or the filters. I'm not sure what the issue would be that makes it unmanageable. If the requirement is secured Power BI sharing, you're better off trying to understand why your client thinks it's unmanageable and help relieve their fears.

    The only other option that I can see is, if you don't want to see external users, then you could use Power BI Embedded to embed Power BI reports in a different web app that you create, and allow access to the web app. But then you will have to deal with all the user-level management stuff in code. Here's an article: https://medium.com/bi-helper/power-bi-embedded-report-distribution-to-external-users-1cf46fe1303b

    Hope this helps a bit.
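
An added example, not part of the answer above or of any Microsoft sample: a sketch of the "user-level management in code" that the Power BI Embedded option implies. The web app keeps its own external-user store and decides, deny by default, which Row Level Security identity goes into the body of the Power BI REST API `GenerateToken` request. The user store, role names, dataset ID placeholder and function names are assumptions made for illustration.

```python
"""Server-side RLS identity mapping for an app that embeds Power BI reports."""

# Constructed sample data: the web app's own user store, kept outside Azure AD.
# Role names are hypothetical and must match RLS roles defined in the dataset.
APP_USERS = {
    "alice@partner.example": {"active": True, "roles": ["PartnerEast"]},
    "bob@partner.example": {"active": False, "roles": ["PartnerWest"]},
    "carol@partner.example": {"active": True, "roles": []},
}
DATASET_ID = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real ID


class AccessDenied(Exception):
    """Raised when the app must not request an embed token for this user."""


def build_embed_token_request(session_user: str) -> dict:
    """Return the JSON body for a GenerateToken call, or raise AccessDenied.

    session_user must come from the app's authenticated session, never from a
    query string or form field: Power BI applies RLS to whatever identity the
    app puts in this request.
    """
    username = session_user.strip().lower()
    record = APP_USERS.get(username)
    if record is None or not record["active"]:
        raise AccessDenied("unknown or disabled user")
    if not record["roles"]:
        # Deny by default: a user with no RLS role gets no token at all.
        raise AccessDenied("no RLS role assigned")
    return {
        "accessLevel": "View",  # read-only embed token
        "identities": [{
            "username": username,
            "roles": list(record["roles"]),
            "datasets": [DATASET_ID],
        }],
    }


if __name__ == "__main__":
    for user in APP_USERS:
        try:
            print(user, "->", build_embed_token_request(user))
        except AccessDenied as exc:
            print(user, "-> denied:", exc)
```

Because external users in this model never appear in Azure AD, the app's own sign-in and audit logs are the only record of who viewed which report.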