As with other Microsoft Azure services, Power BI relies on Azure AD to authenticate and authorize users. Therefore, even if Power BI is the only service being utilized, organization's can leverage Azure AD's rich set of identity management and governance features, such as conditional access policies, multi-factor authentication (MFA) and business-to-business collaboration. For example, a conditional access policy can be defined within the Azure Portal which blocks access to Power BI based on the user's network location, or which requires MFA given the location and the security group of the user. Additionally, organizations can invite external users as guest users withing their Azure AD tenant to allow for seamless distribution of Power BI content to external parties, such as suppliers or customers.
Guidance on configuring Azure AD security...