Unanswered

Restrict access to tables outside of App

(0) Share

Report

Posted on by J0el

Is there a way to restrict access to a table via other means, such as Power BI, XRM Toolbox etc.?

I have an app that has a lot of logic to determine what users can see, based on their identity against external-imported tables, which are updated daily. I cannot release the app until I know that users can't access all of the external-imported table records, via Power BI, or other means.

The organisation has thousands of teams, so replicating that structure in terms of business units is an impossibility. Only supervisors from a department should see their staff records.

Without some form of external access restriction, I don't see how a solution like this can scale.

Categories:

Microsoft Dataverse with Power Apps

I have the same question (0)

All responses (2)

Answers (0)

Ami K 15,674 Super User 2024 Season 1 on at

Like (0)

Report

@J0el - I have just responded to your question in your other post:

https://powerusers.microsoft.com/t5/Microsoft-Dataverse/Dataverse-Table-limit-access-outside-of-Power-App/m-p/2314626#M32844

------------------------------------------------------------------------------------------------------------------------------

If I have answered your question, please mark your post as Solved. Remember, you can accept more than one post as a solution.

If you like my response, please give it a Thumbs Up.

Imran-Ami Khan

Was this reply helpful? Yes No
Drew Poggemann 9,287 Most Valuable Professional on at

Like (0)

Report
HI @J0el ,

There are a number of ways to secure the Dataverse table data from access by individuals that do not have the right level of security to see the information. You should focus on the data security vs the application as there are always ways that individuals can try to go after the data including APIs, Power Query, Power BI, etc.

Key concepts for securing the data:

Role Based Security - It sounds like you want to setup roles for access to the data that have "User" level security setup to allow only the owners of the records to manipulate the data. If you setup the security at User level for the roles on the actions for that table (create, read, write, delete) and review the additional ones like (share, assign, append, append to) you can lock these records down to the individual users. https://learn.microsoft.com/en-us/power-platform/admin/wp-security-cds#tablerecord-ownership

From a Manager perspective, you can setup hierarchical security within Dataverse to allow managers access to their employee records. https://learn.microsoft.com/en-us/power-platform/admin/hierarchy-security

Setup the environment with security group to control access to the environment. This will setup only the users in that security role in Azure AD to have access to the Dataverse tables (https://learn.microsoft.com/en-us/power-platform/admin/control-user-access#associate-a-security-group-with-an-environment)

Was this reply helpful? Yes No