How to Implement Row-Level Security (RLS) in Power BI with DirectQuery Dataset Embedded via .NET Core

I’m working on embedding a Power BI report that uses a DirectQuery dataset, and I want to implement Row-Level Security (RLS) through my .NET Core backend.

Setup Details: Report Type: Power BI PBIX report (not Paginated) Dataset Mode: DirectQuery Dataset Columns: User_Id Business_Key Period_Key

Goal: Pass User_Id as username Pass Business_Key and Period_Key as customData Use these values in Power BI RLS filter logic

Current Implementation (.NET Core):

var effectiveIdentity = new EffectiveIdentity(
    username: userId,
    datasets: new List<string> { datasetId }
)
{
    CustomData = $"{businessKey}|{periodKey}"
};

var tokenRequest = new GenerateTokenRequestV2
{
    Reports = new List<GenerateTokenRequestV2Report> { new(reportId) },
    Datasets = new List<GenerateTokenRequestV2Dataset> { new(datasetId) },
    TargetWorkspaces = new List<GenerateTokenRequestV2TargetWorkspace> { new(workspaceId) },
    Identities = new List<EffectiveIdentity> { effectiveIdentity }
};

var embedToken = await client.EmbedToken.GenerateTokenAsync(tokenRequest);

Environment Details: Power BI API: Microsoft.PowerBI.Api v4.22 Backend: .NET Core 6 Embedding: App-Owns-Data scenario Workspace: Premium capacity

Is RLS supported for DirectQuery datasets when embedding reports using EffectiveIdentity? Do we need to configure RLS in the underlying database (since it’s DirectQuery), or can it be managed in Power BI like Import mode? Are there known limitations or workarounds for passing username and customData with DirectQuery models?