web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Restrict environment u...
Power Apps
Unanswered

Restrict environment users from creation of Apps, Flow, and Tables

(0) ShareShare
ReportReport
Posted on by devApps 2

Hi everyone,

 

We have a solution consisting of canvas apps, flows and tables. I have assigned them security roles as 'Basic user' and 'System customizer' while sharing the app. After that, the users get access to that environment. They can play the canvas app and read and write access of dataverse table. User has no access to edit or delete app and dataverse table available in that environment. That is okay for us.

But because of  'basic user' and 'system customizer' security role, user get access to create new app, flow, table and other objects in that environment. How to restrict the user from creation or deletion, but not from reading and writing in an environment ?

Categories:
Governance & administering
I have the same question (0)
  • joe_hannes_col Profile Picture
    joe_hannes_col 1,843 Super User 2024 Season 1 on at

    Hello @devApps,

     

    You can be much more restrictive in terms of permissions for your users to customize resources in your environment while still allowing them to use your apps and flows.

    However, to do this, you will have to create custom security roles. In these security roles, you can define very granularly what tables a user with this role has access to, if they can create new data inside it etc. You can find out more about this here

    Your users can currently create new apps, flows, etc. because of the System Customizer role. This role should only be awarded to users who administrate the environment and need to import new solutions etc.

  • velegandla Profile Picture
    velegandla 204 Moderator on at

    @devApps 

     

    End Users using the application should never get a system customizer role in a production environment.

     

    This role should be given only in a development environment while people developing solutions.

     

    Always make a custom security role copied from the minimum permissions (App opener role or basic user), then grant access to custom database tables that need required permissions.

     

    I recommend watching the video explaining the dataverse security concepts.

    https://www.youtube.com/watch?v=8UWSj-vvxzU 

     

    ====================================================

    If I have answered your question, please mark your post as Solved.
    If you like my response, please give it a Thumbs Up.

    https://www.linkedin.com/in/devendravelegandla/ 

     

     

     

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the March Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 519 Most Valuable Professional

#2
11manish Profile Picture

11manish 489

#3
Haque Profile Picture

Haque 327

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans