Notifications
Announcements
Can someone help show me how to restrict users from being able to make apps with an environment? I haven't been able to find a tutorial that shows how it is done. I'm having a bunch of communication issues within my organization that is preventing me from moving forward on building applications. I need to be able to show someone how to do this, but the variety of security permissions spread across an unknown number of users within my organization. I'm hoping that someone can send some screenshots of how to setup those restrictions so that I can start digging for someone with access to those screens. If I can prove to senior management that app creation can be controlled, they will let me have access to more than the free resources that are available with the most basic license.
Hi @dsagfhjj ,
Microsoft Dataverse uses a role-based security model to control access to a database and its resources in an environment. Use security roles to configure access to all resources in an environment or to specific apps and data in the environment. A combination of access levels and permissions in a security role determines which apps and data users can view and how they can interact with those apps and data.
An environment can have no or one Dataverse database. You assign security roles differently for environments that have no Dataverse database and environments that have a Dataverse database.
I think this link will help you a lot:
https://learn.microsoft.com/en-us/power-platform/admin/database-security
Best Regards,bof
Unfortunately, this does not answer my question. I'm looking for a step by step instruction for the specifics control over creation of new apps. Since I don't have access to these settings, the instructions become necessarily vague because everyone might have different settings available to them. Essentially, I'm asking for an example for how someone would set this up in their own environment.
My IT department showed me that it is not possible to restrict app creation in a non-dataverse environment. There isn't even a settings button to make any kinds of changes. Can anyone confirm that roles can be customized in a non-dataverse environment?
If you have an environment without a Dataverse, it comes with these 2 predefined security roles: https://learn.microsoft.com/en-us/power-platform/admin/database-security#environments-without-a-dataverse-database
Any tenant user who is NOT listed either under Environment admin or Environment maker will not be able to create apps.
The apps within that environment that are created by these makers or admins can be shared to other users. There isn't a specific role for the end users, until you add a Dataverse database to the environment and thus expand the security model with more configuration options.
Adding a Dataverse database does not change the licensing model for the environment (unless you start leveraging premium features in apps & flows). I've written about this in my blog post: "Power Platform environments: enable Dataverse or not?"
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
WarrenBelz 796 Most Valuable Professional
Michael E. Gernaey 327 Super User 2025 Season 2
Power Platform 1919 268
