Skip to main content

Notifications

Dynamics 365 Community / Forums / Microsoft Dynamics CRM forum / How to give partial AP...
Microsoft Dynamics CRM forum
Suggested answer

How to give partial API access to external, and how would they consume it

editSubscribe (0) ShareShare
ReportReport
Posted on by CU02051350-0

Hi, I was wondering if I have the following scenario:

  • I need to give access to a third party to Dynamics Data, lets Call them /Yellow Inc/
  • their access should be read only (GET) to specific entities, not all (For example, Contacts and Association)

  • Also they need to be only able to access certain records in an entity (For example, in Contacts, they are allowed to access only the records that have agreed to share their information)

How would you go about doing that? From what I have read so far :
1- I need to create an app registration
2- link it to a security role in dynamics

not sure what to from there on? is a plugin necessary in this case ? How do I control the queries? How do I set the Custom Api to restrict access based on the conditions above. And finally, how can i give it to /Yellow/ for them to consume

thank you


Categories:
Development / Customization / SDK
  • Suggested answer
    Bipin D365 Profile Picture
    Bipin D365 28,937 Super User on at
    How to give partial API access to external, and how would they consume it
    Hi,
     
    You can use Execute Privilege Name property on Custom Api to secure your Custom Api.
     
     
    Thanks,
    Bipin
  • Suggested answer
    Dengliang Li Profile Picture
    Dengliang Li Microsoft Employee on at
    How to give partial API access to external, and how would they consume it
    Hi,
     
    As you said, you can create an application user and then add it to the Dynamics CRM environment and give it security roles.
    You can refer to the following video link to add application users to your Dynamics CRM environment.
     
    You can perform CRUD operations on record data in Dynamics CRM.
     
    For example, I retrieve the name information of a contact as an application user.
     
    Then, if I disable the application user's access to the contact record through the security role.
     
    Unable to retrieve information from contact records.
     
    Therefore, you can control access to entity records for application users through security roles.
     
    If my answer was helpful, please click Like, and if it solved your problem, please mark it as verified to help other community members find more.
    If you have further questions, please feel free to contact me .
     
    Best Regards,
    Dengliang Li
     

Helpful resources

Quick Links

Take the Community feedback survey!

Answer this brief 15-question survey about your Community experience…

Demystifying Copilot: Service Edition with Sundar Raghavan

Sundar answers more questions about Copilot for Service...

Dynamics 365 Business Central vs Finance and SCM

Take a look at the key differences between Business Central and…

more Community News

Leaderboard

#1
Andre Arnaud de Calavon Profile Picture

Andre Arnaud de Cal... 283,375 Super User

#2
Martin Dráb Profile Picture

Martin Dráb 223,308 Super User

#3
nmaenpaa Profile Picture

nmaenpaa 101,140

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans