Ensure 'Block ResourceKey Authentication' is 'Enabled'
Why This Matters
Resource key authentication bypasses your organization's centralized identity management, allowing access to Power BI data without individual user accounts. If left enabled, users can stream or push data to Power BI datasets using API keys that lack proper governance, increasing the risk of unauthorized data exposure and bypassing security controls tied to Azure Active Directory authentication.
What Aether365 Checks
Aether365 verifies that the Block ResourceKey Authentication setting in the Microsoft 365 admin center is enabled. This check appears in your Aether365 dashboard under the microsoft-365 checks section and flags any tenant where resource key authentication remains allowed.