Skip main navigation

Privilege and Access Levels

Microsoft Dynamics 365 and the Power Platform

In the last step, we learned about Manage Security Roles. In this step, we discuss Privilege and Access Levels.

Record Level Privileges

Managing user privileges is done by assigning access levels on a security role.

image "Image of access levels on a security role"

Remember a user’s privilege and access levels are cumulative across security roles assigned and the user is given the most access allowed by any of the roles assigned to them.

For example, if you give Read/Organisation level access to the Account entity, but you have VIP accounts you didn’t want the user to read, there is no way to hide those VIP accounts from the user. Alternatively, giving the user only User or Business Unit access would allow you to keep those VIP accounts hidden by simply having them owned by another user in another business unit.

Each symbol can be managed on its own, or you can toggle the row all at once by clicking in the area to the left of the grid of symbols where the entity name is located. You can also toggle a column by clicking on the column header.

image "Image of access levels on a security role" image "Image of access levels on a security role" image "Image of access levels on a security role" image "Image of access levels on a security role" image "Image of access levels on a security role"

Different access levels offer the user different privileges with the data.

Create: Required to make a new record. The records that can be created depending on the access level of the permission defined in your security role.

Read: Required to open a record to view the contents. The records that can be read depending on the access level of the permission defined in your security role.

Write: Required to make changes to a record. The records that can be changed depending on the access level of the permission defined in your security role.

Delete: Required to permanently remove a record. The records that can be deleted depending on the access level of the permission defined in your security role.

Append: Required to associate a record with the current record. For example, if a user has Append rights on an opportunity, the user can add a note to an opportunity. The records that can be appended depend on the access level of the permission defined in your security role.

Append To: Required to associate the current record with another record. For example, a note can be attached to an opportunity if the user has Append To rights on the note. The records that can be appended to depend on the access level of the permission defined in your security role.

Assign: Required to give ownership of a record to another user. The records that can be assigned depending on the access level of the permission defined in your security role.

Share: Required to give access to a record to another user while keeping your own access. The records that can be shared depending on the access level of the permission defined in your security role.

Task Based Privileges

In addition to record level privileges, security roles contain various task-based privileges that users can perform. In general, these privileges are on or off and not based on business unit or other organisational considerations.

Examples of task-based privileges include:

Core Records Related Privileges

Business Management Related Privileges

Business Process Flow Related Privileges

image "Image of business process flow related privileges"

Next up, we’ll be discussing Role Examples.

This article is from the free online

Dynamics 365: Using Power Platform Applications

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now