web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Create security role f...
Power Apps
Unanswered

Create security role for PowerApps in production environment

(0) ShareShare
ReportReport
Posted on by h_takagai 22

I'm trying to control whether or not Power Apps can be developed by creating a dedicated security role.

I thought that it could be achieved by turning off the "canvas app table" creation permission of the security role.
However, it seems that PowerAutomate/PowerApps cannot be developed with "copied security roles" or "security roles created from scratch".

  • A copy of Environment Maker
  • A copy of Basic User with the same permission settings as Environment Maker
  • A security role with the same permission settings as Environment Maker from scratch

Copy Security Role | Environment Maker vs Copy of Environment Maker 

 

I would be grateful if you could give me an answer or advice to the following questions.

  1. Is this specification correct ?
  2. Is it difficult to control whether PowerApps can be developed or not with security roles ?
Categories:
Microsoft Dataverse with Power Apps
I have the same question (0)
  • Drew Poggemann Profile Picture
    Drew Poggemann 9,287 Most Valuable Professional on at

    Hi @h_takagai ,

    Please see details here on approach to control access to creating Power Apps in an environment.  

    https://powerusers.microsoft.com/t5/Building-Power-Apps/Restricting-users-from-creating-powerapps/td-p/81349 

  • AhmedSalih Profile Picture
    AhmedSalih 6,678 Moderator on at

    Hello, @h_takagai, when creating a custom security role for your use case, make sure that configure the customization permissions: 

    AhmedSalih_0-1691491325250.png

     

    Note, if I want my users to only be able to use MDAs or Canvas apps only and not be able to create apps, flows, or even see the tables and other environment's objects, I made sure that all options in the customization tab are unselected. Except, if I have Business Rules for the DV tables forms, in that case you need to give access for the Process table. 

     

    If my reply helped you, please give a 👍 If it solved your issue, please give a 👍 & accept it as the Solution to help other community members find it more.

    Visit my Blog: www.powerplatformplace.com

    Visit my YouTube Channel: https://www.youtube.com/@powerplatformplace/videos

     

  • h_takagai Profile Picture
    h_takagai 22 on at

    hi @AhmedSalih 

     

    What I want to do is create a security role that cannot develop PowerApps but can run shared apps.
    On the other hand, a security role created by copying Environment Maker cannot perform the following actions even if custom permissions allow canvas apps and workflows.
    - Development app
    - Running shared apps
    - Development flow
    - Running shared flows

     

    As a result, we can't create the desired security role.

  • AhmedSalih Profile Picture
    AhmedSalih 6,678 Moderator on at

    @h_takagai, can you share a screenshot of your custom security role (customization tab) that was copied from the Environment Maker system role?

  • h_takagai Profile Picture
    h_takagai 22 on at

    @AhmedSalih 

    Please check below.

     

    screenshot.png

     

  • AhmedSalih Profile Picture
    AhmedSalih 6,678 Moderator on at

    @h_takagai, you are using the modern view, use the classic view. Go to make.powerapps.com and then:

    AhmedSalih_0-1691647847352.png

    AhmedSalih_1-1691647866413.png

    AhmedSalih_2-1691647889853.png

    AhmedSalih_3-1691647909194.png

    Find the security Role you copied and go to the customization tab and do what I have mentioned in my replies above. 

     

    If my reply helped you, please give a 👍 If it solved your issue, please give a 👍 & accept it as the Solution to help other community members find it more.

    Visit my Blog: www.powerplatformplace.com

    Visit my YouTube Channel: https://www.youtube.com/@powerplatformplace/videos

  • h_takagai Profile Picture
    h_takagai 22 on at

    @AhmedSalih 
    Thanks for showing me how to check.

    Here is the new screenshot.

     

    screenshot2.png

     

  • AhmedSalih Profile Picture
    AhmedSalih 6,678 Moderator on at

    @h_takagai ,

    AhmedSalih_0-1691851080239.png

     

     

    If my reply helped you, please give a 👍 If it solved your issue, please give a 👍 & accept it as the Solution to help other community members find it more.

    Visit my Blog: www.powerplatformplace.com

    Visit my YouTube Channel: https://www.youtube.com/@powerplatformplace/videos

     

  • Verified answer
    h_takagai Profile Picture
    h_takagai 22 on at

    Sorry for the late reply.
    I set the authority as advised, but it did not work as expected.
    On the other hand, when I made an inquiry to a Microsoft engineer in parallel, it seems that it was a specification.
    It behaves strangely.

     

    Conclusion
    - A security role that duplicates Environment Maker cannot develop "Power Automate" and "Power Apps".
    - Creating a new security role with the same settings as Environment Maker cannot develop "Power Automate" and "Power Apps".

    Your comments and advice have helped me. thank you.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 717 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 329 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans