This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Roles and Permissions (Reporting Services)

Reporting Services provides an authentication subsystem and role-based authorization model. Authentication and authorization models vary depending on whether the report server runs in native mode or SharePoint mode. If the report server is part of a SharePoint deployment, SharePoint permissions determine who has access to the report server.

Identity and Access Control for Native Mode

Default authentication is based on Windows Authentication and integrated security. You can change the authentication settings to allow the report server to respond to different authentication requests, or even replace the default security features with a custom authentication extension that you provide.

Authorization is based on roles that you assign to a principal. Each role consists of a set of related tasks, which are in turn composed of related operations. For example, the Manage reports task grants access to the following report server operations: view reports, add report, update report, delete report, schedule report, and update report properties.

Identity and Access Control for SharePoint Mode

In SharePoint integrated mode, authentication and authorization are handled on the SharePoint site, before requests reach the report server. Depending on how you configure authentication, requests from a SharePoint site include a security token or a trusted user name. Permissions that you set for SharePoint users and groups authorize access to report server items that are placed in SharePoint libraries.

In This Section

Granting Permissions on a Native Mode Report Server Describes the role-based authorization model that provides access to content and operations.

Granting Permissions on Report Server Items on a SharePoint Site Explains how SharePoint groups, permission levels, and permissions are used to control access to a report server.

Authentication with the Report Server Granting Permissions on a Native Mode Report Server

Additional resources

Granting access in SSRS to reports

Before you provide reports to your users, you need to give them the appropriate access within the Microsoft SQL Server Reporting Services application. You use the SSRS role-based security to assign Active Directory users and groups to SSRS roles for both the site and folders.

Anyone reading reports will also need to configure their Internet Explorer installation, as mentioned in Adding your report services web site to your Internet Explorer trusted sites .

Please consult Microsoft documentation for the most current instructions for security configuration and granting access in SSRS. For example, some information can be found at this link:

However, for your convenience, a couple procedures are below.

To grant report administrator access in SSRS (SQL Server Reporting Services):

In Internet Explorer, go to your Report Manager URL.

You can open the Microsoft Reporting Services Configuration Manager to view the Report Manager URL.

Internet Explorer opens SQL Server Reporting Servies to your Report Manager URL.

Click Site Settings , and create a new role assignment so that you can assign the desired Active Directory group to the “System Administrator” role in SSRS.

To create a new role assignment, click Security , then New Role Assignment .

Click Home , and then click Folder settings . From there, create a new role assignment so that you can grant access to the “Content Manager” role.

reporting services permissions

To grant access so that the user can edit or build reports, you can give them additional permissions in SSRS, such as the Report Builder permission to the Home folder.

To grant report read access in SSRS (an overview):

In SSRS, go to Site Settings, and create a new role assignment so that you can assign the desired Active Directory group to the “System user” role in SSRS.

reporting services permissions

By default, all authenticated users are assigned to the System User role.

In SSRS, go to the Home folder, and then click Folder settings. From there, create a new role assignment so that you can grant access to at least the “Browser” role.

reporting services permissions

last updated: Mar 12, 2021

reporting services permissions

Facebook Pixel Code

BoldSign Easily embed eSignatures in your .NET applications. Free sandbox with native SDK available.

Breadcrumb seperator

How to provide the permission for user to access the SSRS report server

2X faster development

Help us improve!

Please sign in to access our kb.

This page will automatically be redirected to the sign-in page in 10 seconds .

Up arrow icon

Warning Icon

SQL Server Reporting Services 2012 Permissions

By: Scott Murray   |   Updated: 2012-10-23   |   Comments (36)   |   Related: > Reporting Services Security

site settings

Related Articles

Popular articles.

get scripts

About the author

MSSQLTips author Scott Murray

Comments For This Article

get free sql tips

reporting services permissions

How to list SSRS Report permissions

Have you ever needed to know which groups or users have access to your reports?

Use the following query to get a comprehensive list of who has access to what.

Sample output (fist 4 lines from my test machine):

Share this:

2 responses to how to list ssrs report permissions.

' src=

Thanks for sharing this!

' src=

Is it possible to determine the date/time a user was grant access to a report?

Leave a Reply Cancel reply

Fill in your details below or click an icon to log in:


You are commenting using your account. (  Log Out  /  Change  )

Twitter picture

You are commenting using your Twitter account. (  Log Out  /  Change  )


You are commenting using your Facebook account. (  Log Out  /  Change  )

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

This site uses Akismet to reduce spam. Learn how your comment data is processed .

Published Books

reporting services permissions

Practical Handbook for Reporting

Recommended Content

Recommended Blogs

Recent Posts

Visitor Info

reporting services permissions

Recent Comments

' src=

Grant Necessary Role for SQL Server Reporting Service


Configure Security on the Report Server

Sql server reporting services.

If you choose Credentials supplied by the user running the report or Windows Integrated Security for Reporting Services Authentication , then each user or group of users who are permitted to view reports must be granted Browse permissions in SQL Server Reporting Services (SSRS).

Log on to SQL Server Reporting Services using the ReportWriter account.

You may need to run Internet Explorer with Administrator rights to initially configure the security.

Add a Browser role to permit Privilege Management users to see reports in SSRS.


BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering companies to secure and manage their entire universe of privileges. The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance.

©2003-2023 BeyondTrust Corporation . All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority. 11/28/2022

Data Recovery Blog

30 day money back guarantee

How Permissions can be Granted in SQL Server Report Service

In this article, we look at roles being used to grant permissions on the report server. We also look at who sets these permissions how these permissions are stored.

Reporting Services in SQL Server use a role-based authorization and authentication subsystem in order to determine the users who can perform an operation or access items on a report server. Role-based system is used for categorizing authorization of different roles and action which can be performed by a user or a group. This authentication is based on custom authentication module or built-in Windows Authentication that is provided to the users. Users can custom or predefine roles using either of these authentication types.

How Permissions can be Granted in Report Service

Using Role to Grant Permissions on the Report Server

All users interact or access a report server based on the role that is defined to a specific level for a specific person or a group. Reporting Services include predefined roles which can be assigned to users or groups in order to provide them with immediate access to interact with a report server. Content Manager, Browser, and Publisher are some common examples of these predefined roles. Each of these roles, define a collection of different related tasks. For instance, a Publisher has the permission of adding reports and creating folders for storing these reports.

Role assignments are inherited from the parent node, but users can break this permission of inheritance by simply creating a new role of assignment for each particular item. Note that a user can be a member of Content Manager Role in one report and might also be a member of another report for of Browser role.

Guidelines for granting access to different report server operations and items

1.    Review all predefined roles and determine whether they can be used as it is. If the user needs to adjust any tasks or define any additional roles, he/she should do it before assigning users to specific roles.

2.    Identify users or groups that require access to that particular report server, and on what levels. Most users are assigned to Browser role or Report Builder role. And only selective users need to be assigned for Publisher role. And Content Manager Role should only be assigned to the trusted officials.

3.    Use Report Manager for assigning roles in the Home folder for each group or user who requires access.

4.    Then go to Report Manager’s Site Settings page and create an assignment for system-level roles for each group or user, using predefined roles System Administrator and System User.

5.    Create additional assignments for assigning access to specific folders, reports, and other items. Avoid creating too many role assignments.

Who Sets These Permissions?

Initially, Report server can be accessed by the local administrator’s group or its members. Reporting Services are installed with only two default roles assignments which are used for system-level and granting item-level access to local administrators group and its member. These groups and members are responsible for assigning permission to other users.

How Are These Permissions Stored?

Report Server stores its role definitions and assignments in its database. If a user uses multiple programmatic interfaces or client tools, the access is subjected to the permissions which are defined as a whole for the report server. Role assignment is stored with all the items that they secure, that allow the user to move a database to a different report server without losing the defined permissions.

While MS SQL Server is a highly advanced platform, it still ends up getting plagued by data errors. Always keep a powerful SQL Server repair tool around to deal with unexpected data errors.

Author Introduction:

Victor Simon is a data recovery expert in DataNumen, Inc., which is the world leader in data recovery technologies, including access recovery and sql recovery software products. For more information visit

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *


  1. Reporting-Services-examples/Permissions.rdl at master · SQL-Server-projects/Reporting-Services

    reporting services permissions

  2. SSRS Report Manager Site Permissions Error After Installation

    reporting services permissions

  3. How to fix Reporting Services permissions are insufficient for performing operation (rsAccessDenied)

    reporting services permissions

  4. How to assign basic reporting permissions in Configuration Manager R2

    reporting services permissions

  5. Security permissions on Reporting Services 2016

    reporting services permissions

  6. SSRS report server permissions when integrated with SharePoint

    reporting services permissions


  1. Working with Report Parameters

  2. SharePoint Farm Reporter

  3. SSRS Part2

  4. Tax Override: Full Feature Tutorial

  5. 007 Overview of AWS IAM Roles to grant permissions between AWS Services

  6. 06-MCSA 2016


  1. How to View Your Credit Report

    As a consumer, monitoring your credit is an important part of managing your finances. Having strong credit has a major impact on your borrowing ability, your professional reputation and much more. You can view your credit reports to keep ta...

  2. What Is a Management Report?

    A management report is a formal business document that discloses a company’s profit and loss statements in one- to four-month periods. Management reports generally break down an organization’s profits and losses by department, clients, prod...

  3. What Is the Phone Number for Consumer Reports Customer Service?

    The phone number for Consumer Reports customer service is 1-800-333-0663. The hours are Monday through Friday 8 a.m. to 8 p.m. EST and Saturday 9:30 a.m. – 6 p.m. EST. Customers can also send correspondence to Consumer Reports by mail to Co...

  4. Grant user access to a report server

    Reporting Services uses role-based security to grant user access to a report server. On a new report server installation, only users who are

  5. Roles and Permissions (Reporting Services)

    Authentication and authorization models vary depending on whether the report server runs in native mode or SharePoint mode. If the report server

  6. Granting access in SSRS to reports

    Granting access in SSRS to reports · Run Internet Explorer as Administrator. · In Internet Explorer, go to your Report Manager URL. · Click Site Settings, and

  7. How to provide the permission for user to access the SSRS report

    Within the SSRS website, the first item to setup is to create system level permissions; these permissions are assigned to the main administrators of SSRS and

  8. SQL Server Reporting Services 2012 Permissions

    SQL Report Server Permissions · Browser-allows users to run reports and browse folders; this role will be used by most end users · Content Manager

  9. SSRS Security Set up

    ... access to a report server (Roles and Permissions) - Part 20 | EHR ... ago Learn Business Intelligence and Analytics Reports (Healthcare

  10. How to list SSRS Report permissions

    How to list SSRS Report permissions ; BUILTIN\Administrators. Browser. May view folders, reports and subscribe to reports. /BT Demo/Computer

  11. Authorizing users for accessing reports via SSRS roles

    SSRS grants users permissions to various reports and folders in the Report Portal through Roles. You can assign either an individual user, or more commonly

  12. Grant Necessary Role for SQL Server Reporting Service

    Procedure · Use your Internet browser to connect to the Report Manager URL.

  13. Configure Security on the Report Server

    Click Manage Folder to view the security of the top level, and then click Add group or user to grant access to a user or group. Enter a group or user name

  14. How Permissions can be Granted in SQL Server Report Service

    Reporting Services include predefined roles which can be assigned to users or groups in order to provide them with immediate access to interact