web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Team Administration
Power Apps
Unanswered

Team Administration

(0) ShareShare
ReportReport
Posted on by SR-30011133-0

Hi all,

 

I'd ideally like to have a multi-app environment where different app development projects have distinct access to their apps and Dataverse tables.  I'm looking to achieve this via custom security roles that only have tailored access to given custom tables that the app uses, depending on the user's role.  I'd like the app owner to manage the teams that inherit these security roles so users can be easily managed without environment admin intervention (e.g. adding a new user to a team).

 

I don't want the "app admin" to have broader powers within the environment aside from app ownership and managing team members - is this achievable?

Categories:
Governance & administering
I have the same question (0)
  • AlbertoCastro Profile Picture
    AlbertoCastro 1,201 Most Valuable Professional on at

    Hi,

    If I understand well you requierement it's possible.

     

    - If you grant access to some users to specified tables of dataverse, you can create a custom security role with this specified access.
    Best practice: a custom security role copy of existing role "App Owner"

    - After this, you can create a Security Team that be able to link this custom security role with a Security Group in Azure AAD.

    - Configure this AAD group like a child of the Security Group of the environment.
    - Configure the App owner like Owner that this Security Group.


    With all this, if the owner of the application shares it with the group, it is ensured that all users already have access to the necessary dataverse tables.

    Besides, like is owner of the AAD group, he can add or remove users in the group, without dependency of an admin.

     

    Video: https://www.microsoft.com/en-us/videoplayer/embed/RWJBr8


    -------------------------------------------------------------------------
    If I have answered your question, please mark your post as Solved.
    If you like my response, please give it a Thumbs Up.

    Regards
    Alberto

     

  • SR-30011133-0 Profile Picture
    SR-30011133-0 on at

    Thanks Alberto, I'll take a look at the video! 👍

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 796 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 327 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans