We have a GCC Power BI Service tenant with premium capacity (P1) and we are trying and failing to enable B2B guest user access to a Power BI report. We've added the guest user in Entra ID and correctly licenced and permissioned them to access the report Power BI. But when they tried to access the report they received a 53003 error message that said "your sign-in was successful but you don't have permission to access this resource." We tried just about everything and then gave up and exempted the guest user from the standard Conditional Access Policy (CAP), and voila: they were able to access the report. This is not a stable solution because the CAP needs to remain enabled, so we tried allow-listing Power BI Service in the policy and we're back to square one with the same access denial error message. Since we've isolated the problem to the CAP, what other apps or services do we need to allow-list in order for the guest user to be successfully authenticated to access the report?
↧