RLS-aware AI tools for a global media network
A global media network wanted its analysts to query governed Power BI datasets through a Copilot Studio assistant — in plain language, without exporting data or standing up yet another dashboard. The catch: those datasets carry row-level security, and an AI tool that ignored it would quietly become a data leak.
The engagement
The fast integration would have the assistant call Power BI under a single service identity. Fast to build, and wrong — every user would see every row regardless of their security role. The assistant also had to be safe against prompt-injected queries: an agent that can run a query can run a bad one.
I built an MCP server that sits between Copilot Studio and Power BI. It validates the caller's token, performs an on-behalf-of exchange so every query runs as the actual user — row-level security enforced by the platform, not by hope — and validates each generated query before it executes. Structured telemetry to Application Insights makes every tool call auditable. The server was specified for two runtimes, so it could be hosted as a Node.js Function or a .NET isolated worker.
Analysts query the datasets conversationally; each person sees exactly the rows their role permits; every call is logged. The pattern — auth carried all the way through, queries validated, calls instrumented — became the template for the next tools the team plans to expose to the assistant.
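The validate-then-exchange flow described above, as an added JavaScript example for the Node.js runtime; it is not the code built for the engagement. It assumes the generated queries are DAX sent to the Power BI executeQueries REST endpoint and that the caller's token has already been signature- and audience-checked; the table allowlist, keyword set, length cap and function names are illustrative.

```javascript
// Added example: names, limits and the table allowlist are assumptions, not project code.
const POWER_BI_SCOPE = "https://analysis.windows.net/powerbi/api/.default";
const MAX_QUERY_CHARS = 4000;                        // assumed cap
const ALLOWED_TABLES = new Set(["Sales", "Region"]); // assumed allowlist
const KEYWORDS = new Set(["EVALUATE", "ORDER", "BY", "ASC", "DESC", "TRUE", "FALSE", "IN", "NOT"]);

// Form body for the Microsoft identity platform on-behalf-of grant.
// `userToken` is the caller's already-validated access token for this server.
function buildOboRequest({ tenantId, clientId, clientSecret, userToken }) {
  const body = new URLSearchParams({
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    requested_token_use: "on_behalf_of",
    client_id: clientId,
    client_secret: clientSecret,
    assertion: userToken,
    scope: POWER_BI_SCOPE,
  });
  return { url: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`, body };
}

// Fail closed: accept only a bounded EVALUATE query whose table references are allowlisted.
function validateQuery(dax) {
  if (typeof dax !== "string" || dax.length > MAX_QUERY_CHARS) return { ok: false, reason: "length" };
  const bare = dax.replace(/"(?:[^"]|"")*"/g, '""').replace(/\[[^\]]*\]/g, " "); // drop strings, [columns]
  if (/\/\/|--|\/\*/.test(bare)) return { ok: false, reason: "comment" };
  if (!/^\s*EVALUATE\b/i.test(bare)) return { ok: false, reason: "not-evaluate" };
  for (const m of bare.matchAll(/'([^']*)'|\b([A-Za-z_]\w*)\b(\s*\()?/g)) {
    const name = m[1] ?? m[2];
    const keywordOrCall = m[1] === undefined && (m[3] !== undefined || KEYWORDS.has(name.toUpperCase()));
    if (keywordOrCall) continue;
    if (!ALLOWED_TABLES.has(name)) return { ok: false, reason: `table:${name}` };
  }
  return { ok: true };
}

// Validate first, then exchange, then query with the user's token, never a service token.
async function runAsUser(cfg, userToken, datasetId, dax, fetchImpl = fetch) {
  const verdict = validateQuery(dax);
  if (!verdict.ok) throw new Error(`query rejected: ${verdict.reason}`);
  const { url, body } = buildOboRequest({ ...cfg, userToken });
  const tokenRes = await fetchImpl(url, { method: "POST", body });
  if (!tokenRes.ok) throw new Error("on-behalf-of exchange failed");
  const { access_token } = await tokenRes.json();
  return fetchImpl(`https://api.powerbi.com/v1.0/myorg/datasets/${datasetId}/executeQueries`, {
    method: "POST",
    headers: { Authorization: `Bearer ${access_token}`, "Content-Type": "application/json" },
    body: JSON.stringify({ queries: [{ query: dax }] }),
  });
}
```

Because the validator rejects anything it does not recognise, queries using `DEFINE` or `VAR` are refused until the rules are extended to cover them.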
Practice areas applied
- AI Orchestration & Implementation. Design and deploy intelligent multi-agent systems that coordinate AI services, optimize workflows, and accelerate development — from Claude and Azure OpenAI integration to custom knowledge bases and automated pipelines.