web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Security Groups Settin...
Power Apps
Suggested Answer

Security Groups Setting in different environments

(0) ShareShare
ReportReport
Posted on by LY-03060231-0 14
Hi, 
 
I have three environments: Dev, Test, and Prod. I would like to assign security groups to restrict access to these environments.
Currently, I’ve created two security groups which are DEV_SG and TEST_SG for the Dev and Test environments.
 
The goal is to:
Allow developers to access the Dev environment and create apps there.
Allow a different group of testers to access the Test environment and run the apps.
Keep the Prod environment open to all users to run the Apps in the company.
 
Should I:
Create two Teams for each security group in the Dev and Test environments,
After creating the teams, then assign the security role "Environment Maker" to the developer Team in Dev env., and
Assign the "Basic User" role to the tester Team in Test env.?
While creating the Team, I don't know which Membership type should I choose to?
 
 
I’m quite confused about the access permission differences between security groups, security roles, and membership types while creating a Team within an environment. Could you please share the best practice for managing access in this scenario? 
 
If there are any helpful articles, I would really appreciate your recommendations.
 
Many thanks in advance!
 
Best regards,
 
Lee
 
Categories:
Governance & administering
I have the same question (0)
  • Suggested answer
    Vejai SH Profile Picture
    Vejai SH 555 on at
    Hi Lee,
     
    If you want to restrict user in the environment, I would suggest you to go with Security Group for the environment,
     
     
    Based on your screenshot, "Members"  should be fine. if you dont have any Guest user. Before creating a Team in CRM, Entra group need to created. refer below article 
     
    Please note, you cant add or remove user for this Team Type directly in CRM, you have to do it in Entra.
     
    Thanks,
    Vejai SH
     
    Please mark as answer if my suggestion helps you.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 739 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 343 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans