For users to access reports within the Power BI Service, there are four types of permissions to consider.
Permissions here are granted within the Workspace itself. Details can be found on the Roles in workspaces in Power BI page (Microsoft site).
Each semantic model within the Power BI Service needs to have permissions added so that users can see the reports and dashboards that use them. Details can be found on the Managing Dataset Permissions page.
This set of permissions controls whether a user is able to install an App built from a Workspace. More details can be found in the Publishing an App page.
This level of permissions control what data within a dataset is able to be accessed by users according to the user's group memberships. More details can be found on the Row Level Security in Power BI page.
You can use Azure security groups to set up permissions in Power BI. To request a new Security Group, create a ticket with the Help Desk and include the reason for and use of the group, the email address of who should have permission to maintain the group, and a list of the emails for the members of the group.
For instructions for managing the group, please read How to Manage Security Groups in Sharepoint page.
Power BI