topic Re: User rights / entitlement in Management & Governance

User rights / entitlement

FrankC — Thu, 12 Feb 2026 15:10:37 GMT

I am wondering if this is possible or not.

We have a report that some users (external) can only get to the report via an external link. We don't want the users to see anything else in the cloud environment.

The same report should be available be available to a different set of users (internal). Those users should be able to interact with the report and see all other autohide parts of the cloud environment.

I tried granting the external users analyzer entitlement and view access to the report, but they could see the other parts of the cloud (like the options on the left-hand menu).

Any thoughts on how to restrict their access easily?

Re: User rights / entitlement

Dave_Channon — Fri, 13 Feb 2026 10:46:39 GMT

The typical ways of approaching this (some or all) are:

Set up a separate tenant for external access, since savvy users can list all users in the tenant (akin to how a microsoft tenant works for office). If this isn't an option, we have an early access feature which will lock things down for those external users.
Assign the external users the embedded analytics user scope. This locks them to the in-app experience, they will get an error when trying to access the hub.
Customise the app layout to hide the menus (in app settings).
Embed the app into a simple web page to fully decouple it from the tenant URL.