Security
What personal information is collected on the PowerBI Robots web application and how is it used?
The only information collected on the PowerBI Robots web application is the user's email when a new account is created. That email is used to identify the user and send him or her notifications regarding PowerBI Robots such as updates or policy changes. That email may also be used to market DevScope products or services. We never share or sell our users' email contact or other information to third-party companies. Users may opt-out of these marketing emails at any time by accessing their account. The PowerBI website also uses a cookie (a small text file) with the sole purpose of facilitating the authentication process of returning users. Please refer to your browser's policy to learn how to disable and delete cookies.
What personal information is collected by the PowerBI Robots agent?
The PowerBI Robots agent doesn't collect any personal information. All information used on the PowerBI Robots agent is stored locally, on the user's infrastructure.
Can I use multi-factor authentication (MFA) with PowerBI Robots?
When entering your Power BI account’s credentials, you will be prompted with any information needed to login. When using a SMTP account with MFA enabled, you need to create an application password. For more details, please follow this link.
Why is the schedule on your systems instead of a local scheduler?
The schedule is not on our system; it's a local scheduler. We use a HangFire-based scheduler running locally on the machine alongside the PowerBI Robots Agent. We did this by design so our servers wouldn’t store any info regarding the data content itself or any credentials that you own. The only thing we store on our servers is the playlist you generate, containing PowerBI URL addresses and filters. These playlists are stored locally and encrypted using local machine security in the file “PBIRobotsService.config”, located in the app folder.
Where exactly are the images and pdf's generated?
Images and PDFs are always generated locally, i.e., on the computer running the agent. If you choose to send your report playlist to PowerBI Robots Cloud, the generated images are uploaded to an Azure Blob Storage owned by DevScope. When you select this open, that’s explicitly stated in the web app, and you must accept it. You also have the option to do this locally (please refer to the Slideshow tab on the web agent’s Helper to learn how to do it). If you generate PDFs or the target is a file system, the generated content is stored locally or where you specify it.
If you do not have access to any of the reports or information generated, why do you need our credentials?
There are two points in time where we ask for the user's Power BI credentials: when configuring the agent and when creating the playlist. We ask for credentials because the only way to display and generate images form Power BI is by using the Power BI SDK, and we need to provide PowerBI with a security token to access its data. This security token is returned by the Power BI SDK and is always stored locally as a session cookie with an expiration date and following the OAuth protocol.
Can I have more detailed information regarding the security and reliability of Power BI Robots?
DevScope doesn't save/store the web application's access token on the server side. These tokens are session-wide only and stored in a cookie on the client's browser On the Agent Service app, the token is stored and encrypted locally on the client/user’s computer;
All security follows Microsoft's guidelines for accessing the Power BI API and uses the provided Microsoft SDKs;
The permissions required by our app are explicitly defined in its Azure directory;
DevScope guarantees that no tokens are ever used because they aren't saved on our servers at any point of the workflow. They are always saved locally, either on the client's browser or the agent’s computer. We went through a big engineering effort to guarantee that we don’t keep any Microsoft security credentials on our side
Last updated