web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Manage Table rows perm...
Power Apps
Suggested Answer

Manage Table rows permission inside my canvas app compared to SharePoint

(0) ShareShare
ReportReport
Posted on by johnjohnPter 1,811 Super User 2024 Season 1
I have more than 10 years of experience in SharePoint , and I have build many successful Canvas App which integrate with SharePoint lists.. now i want to explore Dataverse for projects that have large number of items inside the lists.

Now in SharePoint to secure the backend i usually do those steps as described in this story:-

1) Let say I have a work order list. and only the Maintenance Manager + the Technician to whom the work order is assigned to can modify the work order.

2) so in SharePoint i do the following >> when a new work order get created by the system on schedule bases >> i define a power automate flow >> which define a unique permissions for the work order list item >> by granting the technician Contribute without delete  >> grant the Maintenance manager Contribute >> grant all other users Read-Only

3) then since a SharePoint list can only have 50,000 items with unique permissions, so once the work order is closed, i move it to a "Closed" folder within the Work Order list, and i set the item permission to inherit from the closed folder.. so the item will no longer count as an item with unique permission so i will not reach the 50,000 limit.

4) also when i create a work order list item >> I add a new folder inside the Documenta library with a folder name = Work Order ID.. where i store any work orders picture inside that folder.

now generally speaking if i want to implement the above scenario inside dataverse tables instead of SharePoint lists. will the technical flow be the same? mainly the way to secure the backend by defining unique permissions for the work order? and moving closed work order to prevent reaching the allowed number of unique permission items inside a SharePoint list? and also the ability to store images inside separate folder for each work order?

Second question, in SharePoint case the user will be interacting with SharePoint list from the canvas application using the user’s credentials .. so that why we need to secure the back end.. while in Dataverse case, can we force our canvas application to work using a service account? So the user access the backend using the service account and not the user credentials ?

Thank in advance for any help
 
Categories:
Microsoft Dataverse with Power Apps
I have the same question (0)
  • Suggested answer
    ankit_singhal Profile Picture
    ankit_singhal 590 Super User 2025 Season 2 on at
    Hi Yes you can. Dataverse provide you very good security model and you can provide limit access to the user according to your need, You can set the user level, team level, business unit leave access in dataverse. 

    Please check below link
    https://learn.microsoft.com/en-us/power-platform/admin/wp-security-cds
     
     
    Note: Please mark verified, if it is helpful for you 
  • johnjohnPter Profile Picture
    johnjohnPter 1,811 Super User 2024 Season 1 on at
    Thanks for the reply. so in Dataverse we can also define unique permissions for the Table as a whole and for each list item separately ?
     
    For the second question to make it clearer.. now when i develop .net core web application with SQL server. I do not worry about users directly accessing the SQL server and bypassing the validations we have.. as the .net web application accesses the database using a service account. and we do all the validations inside the client-side (to have a responsive application) + inside .net (server-side) to secure the system from been hacked..
    But in Dataverse case, can we have the same architecture? so we prevent users from accessing Dataverse directly either using Browser, Browser tools, API, Power Automate , etc... and we configure a service account to access the Dataverse and we define server-side validations .. So in my above scenario, I can check who is editting the work order item, if the user is not the technician and is not inside the Maintenance manager group to raise an error .. of course i am talking about server side validation and not just client side validation provided by power apps...
     
    Please if you can advice further.
     
    Thanks
  • Suggested answer
    ankit_singhal Profile Picture
    ankit_singhal 590 Super User 2025 Season 2 on at
    Yes you can configure different acces on each table.
    Also, it's depends on you how you make the security model in dataverse. You can restrict user to get access in dataverse kr make any changes in schema. You can set record base security as well.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 739 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 343 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans