Table of Contents
⚠ Draft — product in development.
Power BI Connector for SAP is currently in development. The exact name and contents of the BTP role collections used by the connector will be finalised when the connector is published to the SAP Store. This page is a working placeholder so the documentation structure is complete; it will be rewritten with the final role names, screenshots, and step-by-step assignment guidance once the product is released.
Power BI Connector for SAP is currently in development. The exact name and contents of the BTP role collections used by the connector will be finalised when the connector is published to the SAP Store. This page is a working placeholder so the documentation structure is complete; it will be rewritten with the final role names, screenshots, and step-by-step assignment guidance once the product is released.
Power BI Connector for SAP uses two role collections in SAP BTP to control who can do what inside the connector. An administrator subscribes the tenant to the connector’s service plan, then assigns the role collections to individual users or groups in the BTP cockpit. Without a role collection, a user can sign in but cannot create or view any data sources.
Role collections #
- Power BI Connector for SAP – User — sign in, create and edit personal data sources, share them with other users in the same tenant, mint personal access tokens, view your own activity history.
- Power BI Connector for SAP – Admin — everything a User does, plus tenant-wide settings on the Administration page (for example, the token expiry policy) and visibility into other users’ activity.
Where to assign role collections #
In the BTP cockpit:
- Navigate to the subaccount where the connector is subscribed.
- Open Security → Role Collections.
- Find the role collection name (User or Admin) and add the target user, identity provider group, or SAP IAS group as a member.
- Ask the user to sign out and back in for the new role to take effect.
Role collection changes propagate at next sign-in. Existing sessions keep their previous permissions until the user signs out.
Removing access #
Remove the role collection assignment in the BTP cockpit. The user can still sign in (the IdP still trusts them) but will see You don’t have access on the connector home page. To revoke any personal access tokens they’ve issued, see Manage access tokens.
