web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Dataverse Access teams...
Power Apps
Unanswered

Dataverse Access teams / owner teams

(1) ShareShare
ReportReport
Posted on by Community Power Pla...

So I have read the documentation on access / owner teams but a few practical things for my use case remain unclear. 

Scenario: I have an hour registration app. Dataverse has been set-up as a back-end for our apps (we do not use other Dataverse related products other than 365). CRUD operations are triggered from the powerapp to Dataverse. User that creates the record owns the record. However, some users should be able to create/update for one another. Also, managers should be able to update/delete the records with regards to their approval responsibilities. 


In another screen I have an interface set-up for some users to control the Team Table (create access teams/owners teams, assign users to the teams etc. 

1. Say I have an Access team with User X and Y in the same team. The users have owner based security roles (CRUD on own records only) on the Hour Registration Table. The Hour Registration Table is Team or User owned. Would user X be able to edit records of user Y? If not how would user Y provide access to user X through the access team Table mechanism?

2. Say the same scenario as above would occur but the users would be in a Owner team, this would give both users Owner privilges on all their records, right? 

3. What are the privilges of team administrators? In my case would they automatically be privilged to perform operations on the teams' records? 

 

Would be really appreciated to get some guidance on these security/collaboration topics 

 

Thanks

Categories:
Microsoft Dataverse with Power Apps
I have the same question (0)
  • Verified answer
    EricRegnier Profile Picture
    EricRegnier 8,720 Most Valuable Professional on at

    Hi @Anonymous, answers to your questions below:

    1. If user X and Y has write user-level access only on Hour Registration table, then by default they can only edit the records they owned. If they're added to an access team where the access team's template has Write privilege then they will have access to edit those records even if they are now owned by them,
    2. Only if the record is assigned to that Owner team. 
    3. Good question, it doesn't effect the privileges for the administrator. It's only to support business functionality, such as if you want to notify the team admin when something occurs or to let users know the the point of contact for that team.

    BTW: here's a good video explain security concepts in CDS/Dataverse: https://powerusers.microsoft.com/t5/Webinars-and-Video-Gallery/Security-in-Common-Data-Service-CDS/td-p/615512 

    Hope this helps!

  • Community Power Platform Member Profile Picture
    Community Power Pla... on at

    Hi @EricRegnier,

    Thanks again for your reply!

    Based on your comment: 

    1. Along the Link you sent I updated the Table/Entity settings to allow for Access teams. 

    2. Created an Access Team Template with the required privileges 
    3. Now if in the Team Table/Entity I would set the teamtemplateid Lookup field to the created Access Team Template, should both users be able to perform operations on each other's record as long as they are part of the same team? 

    However: Since I create and manage the teams from the Powerapp directly in the Team entity, I believe I am creating user-created access teams. I believe this fits the requirement I have of flexible teams and the temporary nature of access to each other's records. I think the team template mechanism is applicable for auto-created access teams, correct? 

    4. So how would user X get access to the records of user Y if the team they are both in is User-Created? 









    lblD0.jpg
  • Verified answer
    EricRegnier Profile Picture
    EricRegnier 8,720 Most Valuable Professional on at

    Now if in the Team Table/Entity I would set the teamtemplateid Lookup field to the created Access Team Template

    Do you mean to add the template template subgrid to the form so user can add/remove users? https://docs.microsoft.com/en-us/power-platform/admin/create-team-template-add-entity-form#add-a-team-template-to-the-entity-form

     

    Should both users be able to perform operations on each other's record as long as they are part of the same team?

    Yes, assuming they have the privilege to either gain by the access team membership of security roles assigned.


    However: Since I create and manage the teams from the Powerapp directly in the Team entity, I believe I am creating user-created access teams. I believe this fits the requirement I have of flexible teams and the temporary nature of access to each other's records. I think the team template mechanism is applicable for auto-created access teams, correct? 

    If I understand your question is about deploying access teams? Teams are considered as data so unfortunately they are solution aware. You can deploy/import access team with data import such as the Config Migration Tool:  https://docs.microsoft.com/en-us/power-platform/admin/manage-configuration-data. There's also the Access Team Template Mover tool from XrmToolBox: https://www.xrmtoolbox.com/plugins/DynamicsCode.AccessTeamTemplateMover/ 

    So how would user X get access to the records of user Y if the team they are both in is User-Created? 

    Assume you are using Access Teams, after you added the subgrid on the form, by adding that user to the access team of that record

     

    Hope this helps

  • Verified answer
    Fubar Profile Picture
    Fubar 8,338 Super User 2025 Season 2 on at

    Access Teams are a way to share records (in a simpler format than using the traditional record Share mechanism).  You are sharing the record that the subgrid is on (and that records Child records if the relationships to the child records has cascade set), you are not giving access to other records owned by other users in the subgrid.  When the share occurs the privileges of the access team are given to the user in the subgrid where that user has at least user level privileges on the same privilege corresponding privilege.

     

    Owner teams are traditional teams and are used to facilitate access by other users based on Team membership (and record ownership) and the underlying Security Role privileges and Business Unit structure implemented.

     

    https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/developer/use-access-teams-owner-teams-collaborate-share-information

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 796 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 327 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans