cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Dynamics 365 : Does Powerapps follow the security model of the CRM ?

Hi everyone,

 

I have been reading a thread which was asking the same question here : https://powerusers.microsoft.com/t5/General-Discussion/Filter-records-based-on-Current-user-Of-Dynam...

 

Mona answered, but I looks like it is not really sure. I would like to go a bit deeper in this topic.

 

For instance, let's say we have a sandbox in Dynamics 365 at mycompany-sandbox.crm4.dynamics.com ; I have an admin account named admin@mycompany.com which all user permissions, and a basic sales rep which only has access to 10 % of the records, named salesrep@mycompany.com. The security model has been set in the CRM, and that is why the sales rep only has access to 10 % of the records.

 

I built an app in PowerApps called "Mycompany Contacts", which is just a 3-screen app to display, edit, delete and create contacts.

 

- If I login to the app with admin@mycompany.com ; I will have access to all the records of the CRM. Fine.

- If I login with salesrep@mycompany.com ; I am supposed to see only 10 % of the contacts, so that I cannot see what I am supposed to see.

 

Will PowerApps follow the CRM security model, or do I have to do some kind of filtering in a gallery in PowerApps ?

 

Thank you very much,

 

Regards,

 

Max

1 ACCEPTED SOLUTION

Accepted Solutions
Lisabel0
Helper V
Helper V

The answer should be PowerApps follow the CRM security model I think, since it works this way for SharePoint and PowerApps, I think all the connectors should do the same thing.

View solution in original post

3 REPLIES 3
Lisabel0
Helper V
Helper V

The answer should be PowerApps follow the CRM security model I think, since it works this way for SharePoint and PowerApps, I think all the connectors should do the same thing.

Anonymous
Not applicable

@Lisabel0 Thank you very much for your answer. I tried to share the app to a user that does not have access to the Dynamics 365 sandbox, and it does not display any record in the app, which is a good indicator.

 

Now, I would like to go deeper, and see if all the details of the Dynamics 365 security model are followed. Let's try!

Anonymous
Not applicable

@Lisabel0 Okay, I have been testing this and I confirm, PowerApps follows the Dynamics CRM security model.

 

Consequently, in a gallery of contacts in PowerApps of instance, the user will only see the contacts that can be seen by him in Dynamics, according to its security model. However, in the edit page of a contact that the user should not be able to modify, it seems like the edit button will still be visible and clickable. If the user does a modificatio on the contact, there will be a red error message at the top of the screen when validating, and the contact will not be modifier.

Is there any way to hide the edit button, according to the rights of the user ? Maybe I will create another topic for this question.

 

Thank you very much for your help,

 

Regards,

 

Max

Helpful resources

Announcements
Power Apps News & Annoucements carousel

Power Apps News & Announcements

Keep up to date with current events and community announcements in the Power Apps community.

Community Call Conversations

Introducing the Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Apps Community Blog Carousel

Power Apps Community Blog

Check out the latest Community Blog from the community!

Top Solution Authors
Top Kudoed Authors
Users online (2,764)