cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Dynamics 365 : Does Powerapps follow the security model of the CRM ?

Hi everyone,

 

I have been reading a thread which was asking the same question here : https://powerusers.microsoft.com/t5/General-Discussion/Filter-records-based-on-Current-user-Of-Dynam...

 

Mona answered, but I looks like it is not really sure. I would like to go a bit deeper in this topic.

 

For instance, let's say we have a sandbox in Dynamics 365 at mycompany-sandbox.crm4.dynamics.com ; I have an admin account named admin@mycompany.com which all user permissions, and a basic sales rep which only has access to 10 % of the records, named salesrep@mycompany.com. The security model has been set in the CRM, and that is why the sales rep only has access to 10 % of the records.

 

I built an app in PowerApps called "Mycompany Contacts", which is just a 3-screen app to display, edit, delete and create contacts.

 

- If I login to the app with admin@mycompany.com ; I will have access to all the records of the CRM. Fine.

- If I login with salesrep@mycompany.com ; I am supposed to see only 10 % of the contacts, so that I cannot see what I am supposed to see.

 

Will PowerApps follow the CRM security model, or do I have to do some kind of filtering in a gallery in PowerApps ?

 

Thank you very much,

 

Regards,

 

Max

1 ACCEPTED SOLUTION

Accepted Solutions
Lisabel0
Level 8

Re: Dynamics 365 : Does Powerapps follow the security model of the CRM ?

The answer should be PowerApps follow the CRM security model I think, since it works this way for SharePoint and PowerApps, I think all the connectors should do the same thing.

View solution in original post

3 REPLIES 3
Lisabel0
Level 8

Re: Dynamics 365 : Does Powerapps follow the security model of the CRM ?

The answer should be PowerApps follow the CRM security model I think, since it works this way for SharePoint and PowerApps, I think all the connectors should do the same thing.

View solution in original post

Anonymous
Not applicable

Re: Dynamics 365 : Does Powerapps follow the security model of the CRM ?

@Lisabel0 Thank you very much for your answer. I tried to share the app to a user that does not have access to the Dynamics 365 sandbox, and it does not display any record in the app, which is a good indicator.

 

Now, I would like to go deeper, and see if all the details of the Dynamics 365 security model are followed. Let's try!

Highlighted
Anonymous
Not applicable

Re: Dynamics 365 : Does Powerapps follow the security model of the CRM ?

@Lisabel0 Okay, I have been testing this and I confirm, PowerApps follows the Dynamics CRM security model.

 

Consequently, in a gallery of contacts in PowerApps of instance, the user will only see the contacts that can be seen by him in Dynamics, according to its security model. However, in the edit page of a contact that the user should not be able to modify, it seems like the edit button will still be visible and clickable. If the user does a modificatio on the contact, there will be a red error message at the top of the screen when validating, and the contact will not be modifier.

Is there any way to hide the edit button, according to the rights of the user ? Maybe I will create another topic for this question.

 

Thank you very much for your help,

 

Regards,

 

Max

Helpful resources

Announcements
thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

sixthImage

Power Platform World Tour

Find out where you can attend!

Power Platform 2019 release wave 2 plan

Power Platform 2019 release wave 2 plan

Features releasing from October 2019 through March 2020

fifthimage

Microsoft Learn

Learn how to build the business apps that you need.

Top Kudoed Authors
Users Online
Currently online: 192 members 5,459 guests
Please welcome our newest community members: