web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Dataverse Table - limi...
Power Apps
Unanswered

Dataverse Table - limit access outside of Power App?

(0) ShareShare
ReportReport
Posted on by JonathanM 29

Hi,

 

I have a Canvas Power App using Dataverse.  It uses a table for some calculations in the app.  So, the end user needs access to this table within the app, but I do not want the user to be able to query this data outside of the app (i.e. Power BI), as some of the underlying table data is sensitive.  Is there a way to accomplish this?

 

Thanks,

Jonathan

Categories:
Microsoft Dataverse with Power Apps
I have the same question (0)
  • Verified answer
    Ami K Profile Picture
    Ami K 15,679 Super User 2024 Season 1 on at

    Hi @JonathanM ,

     

    Yes.

     

    For the user to access data in the table, the user must have read privileges to the underlying table, such as the Service Reader Security role or a Security Role which includes read privileges such as the Dynamics 365 Service Admin, Office 365 Power Platform Admin, System Admin and System Customizer role.

     

    So long as those users do not have these roles, they will not be able to query the data.

     

    In the below example, the user has been granted a security role which grants access to the Canvas App, as well as permission to read, edit, and create items in the Table used by the Canvas App. However, this is what they see if they try to access the underlying Table:

     

    Amik_0-1687453469545.png

     

    https://learn.microsoft.com/en-us/power-apps/maker/data-platform/data-platform-powerbi-connector?tabs=Dataverse 

     

    ------------------------------------------------------------------------------------------------------------------------------

     

    If I have answered your question, please mark your post as Solved. Remember, you can accept more than one post as a solution.

    If you like my response, please give it a Thumbs Up.

  • J0el Profile Picture
    J0el 58 on at

    I don't understand this. If I grant a user a role who has read access to a table, they can access all of the data within that table, via Power BI, for example. I would like to use the Power App to set logic, to determine what can be accessed by the user. However, I now know that they can access all of the data they "shouldn't" be able to, via 3rd party connection to the table directly. Is there any way around this?

    EG. I have a table that has all employee records. But the logic in the app determines what can be seen via the identity of the app user. However the above means they can access everything via Power BI.

  • dcharpentier Profile Picture
    dcharpentier 9 on at

    Hi @Amik 
    My need was not as "advanced" as Jonathan's, but searching the net got me here and your answer about the right types of Security Role just saved my life 🙂
    Note : for some reason I could not assign a Service Reader role...so I used System Admin.

  • Ami K Profile Picture
    Ami K 15,679 Super User 2024 Season 1 on at

    @J0el if we're not talking about security in Dataverse for Teams (which is controlled by the Office 365 Group), Dataverse works under the principle of least privilege/deny by default.

     

    You would not be able to access underlying data unless the correct security role has been granted. 

     

    Let's suppose for example that User A has been granted a security role which grants access to the Canvas App, as well as permission to read, edit, and create items in Dataverse table used by the Canvas App. However, User B (who has one of the Admin or Reader roles) copies the hyperlink to the Dataverse table and then shares that link with User A; this is what User A will see if they opened that link:

     

    Amik_0-1692971472413.png

     

    Same principle applies to the Dataverse Connector in Power BI. If users are able to access the tables then it is likely the organisation's security/data loss prevention policies have been badly administered.

     

    ------------------------------------------------------------------------------------------------------------------------------

     

    If I have answered your question, please mark your post as Solved. Remember, you can accept more than one post as a solution.

    If you like my response, please give it a Thumbs Up.

    Imran-Ami Khan

     

     

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 796 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 327 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans