Use Azure B2B to invite external users to view Power BI content

Before I start on Azure B2B and Power BI: if your project has a set of requirements to build dashboards based on data you are collecting from different sources, the design you choose also depends on two factors: the volume of data (events + history) and how much processing you do on this data. Generally you also need the history of the data in dashboards, so a lambda architecture is used. In this design you process massive historical data in batches (hourly, daily, etc.) and merge it with recent real-time delta events using Azure Event Hub or Kafka. This adds a real-time flavor on top of the history, which is the majority of the volume. You can get more details in the Microsoft documentation. On top of this, in your serving layer you can use the direct query model in the BI tool of your choice, such as the Datameer analytics tool, Tableau, or Power BI; all of these provide connectors to Azure Data Lake or Azure Synapse.

If the dashboard volume is high and you need better performance in Power BI dashboards (connectors are generally slow), you need to introduce a caching layer (like Azure Analysis Services) in front of it and do incremental refresh, as in the Modern Data Warehouse design. This design can be extended for the lambda architecture as well.

The biggest challenge I have seen when using a BI tool like Power BI is finding the right techniques to store data for future use, where the requirements may call for sharing the data in dashboards with external users who are not part of your original licensing; data-level security for external users is another challenge. For external users, you need to invite them as guests using Azure Active Directory (Azure AD) business-to-business (B2B) collaboration. This allows you to control access granularly, as they become part of your Azure directory. Azure B2B lets you securely share your company's applications and services with guest users from any other organization, while maintaining control over your own corporate data. This works even if the external partner doesn't have Azure AD or an IT department. For more details, refer to the Microsoft document "Distribute Power BI content to external guest users using Azure Active Directory B2B".

How does collaboration using B2B guests work?
When you use B2B collaboration, you can invite an external user to your organization as a guest. The guest can be managed as a user in your organization, but a guest has to be authenticated in their home organization and not in your Azure AD organization. This means that if the guest no longer has access to their home organization, they also lose access to your organization.

Diagram showing how a guest user is authenticated in their home directory

For data security you need to decide three factors for guest users (they can also apply to your organizational users): row-level security (refer to the document), column-level security, and masking whole tables. You need to put the mapping logic for these three kinds of masking into the AD groups of our caching layer to limit access for guest users. The other way is to invite Power BI users directly from the app using email or security groups, but this is not a recommended approach, as it does not give enough granularity, unlike Azure B2B. If you have Power BI Premium capacity, you will not face any issue with the licensing part, as the guests you invite are backed by the existing Power BI Premium capacity. Here there are only two options: either the guest who is going to join comes in with an existing Pro license, or you assign them a Pro license from your tenant.
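
The access and licensing rules above can be checked before any content is shared. The following is an added example, not code from the original post: it audits user records shaped like Microsoft Graph user objects (`userType`, `externalUserState`) and reports guests who are not ready. The group names, the `groups` and `has_pro_license` fields, and the sample records are constructed assumptions.

```python
# Added example: audit guest readiness before sharing Power BI content.
# Assumptions: records mimic Microsoft Graph user objects; "groups" and
# "has_pro_license" are simplified hypothetical fields; group names are made up.

# Hypothetical AD security groups that the caching layer maps to RLS roles.
RLS_GROUPS = {"pbi-rls-partner-a", "pbi-rls-partner-b"}

def audit_guests(users, premium_capacity):
    """Return {userPrincipalName: [findings]} for guests that need attention."""
    report = {}
    for u in users:
        if u.get("userType") != "Guest":
            continue  # only B2B guests are in scope here
        findings = []
        # A guest who has not redeemed the invitation cannot sign in yet.
        if u.get("externalUserState") != "Accepted":
            findings.append("invitation not redeemed")
        mapped = RLS_GROUPS & set(u.get("groups", []))
        if not mapped:
            findings.append("not in any RLS-mapped group")
        elif len(mapped) > 1:
            # RLS roles are additive, so two groups widen what the guest sees.
            findings.append("in multiple RLS groups: " + ", ".join(sorted(mapped)))
        # Without Premium capacity the guest needs a Pro license from either side.
        if not premium_capacity and not u.get("has_pro_license", False):
            findings.append("no Pro license and no Premium capacity")
        if findings:
            report[u["userPrincipalName"]] = findings
    return report

# Constructed sample records (not real accounts).
SAMPLE_USERS = [
    {"userPrincipalName": "alice_partner.example#EXT#@tenant.example",
     "userType": "Guest", "externalUserState": "Accepted",
     "groups": ["pbi-rls-partner-a"], "has_pro_license": True},
    {"userPrincipalName": "bob_partner.example#EXT#@tenant.example",
     "userType": "Guest", "externalUserState": "PendingAcceptance",
     "groups": [], "has_pro_license": False},
    {"userPrincipalName": "carol@tenant.example", "userType": "Member",
     "groups": ["pbi-rls-partner-a", "pbi-rls-partner-b"]},
]

if __name__ == "__main__":
    for upn, issues in audit_guests(SAMPLE_USERS, premium_capacity=False).items():
        print(upn, "->", "; ".join(issues))
```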
