Small and medium business | Business Central, N...

Security Filter restricting entire table

(7) Share

Report

Posted on by SC-19021502-0

122

For confidentiality reasons, my client wanted security filters to avoid people being able to see records associated with certain vendors.

To do this we applied security filters to the various tables based on the Vendor Posting Group - see extract from permissions below.

Type	Object Type	Object ID	Object Name	Read Permission	Insert Permission	Modify Permission	Delete Permission	Security Filter
Include	Table Data	23	Vendor	Yes	Yes	Yes	Yes	Vendor: Vendor Posting Group=<>VND-SCD\|<>VND-FGT
Include	Table Data	25	Vendor Ledger Entry	Yes	Yes	Yes	Yes	Vendor Ledger Entry: Vendor Posting Group=<>VND-SCD\|<>VND-FGT
Include	Table Data	38	Purchase Header	Yes	Yes	Yes	Yes	Purchase Header: Vendor Posting Group=<>VND-SCD\|<>VND-FGT
Include	Table Data	39	Purchase Line	Yes	Yes	Yes	Yes	Purchase Line: Posting Group=<>VND-FGT\|<>VND-SCD
Include	Table Data	122	Purch. Inv. Header	Yes	Yes	Yes	Yes	Purch. Inv. Header: Vendor Posting Group=<>VND-SCD\|<>VND-FGT
Include	Table Data	123	Purch. Inv. Line	Yes	Yes	Yes	Yes	Purch. Inv. Line: Posting Group=<>VND-SCD\|<>VND-FGT
Include	Table Data	380	Detailed Vendor Ledg. Entry	Yes	Yes	Yes	Yes	Detailed Vendor Ledg. Entry: Vendor Posting Group=<>VND-SCD\|<>VND-FGT

Unfortunately this does not appear to be working as we expect as users are sporadically getting error messages when trying to review data in those tables - ie, sometimes looking at purchase invoices/posted purchase invoices is fine and other times they get an error saying a security filter has been applied, when the record in question isn't part of the filter. Sometimes they are unable to even open entire lists - for example a user today couldn't view General Ledger entries at all due to the filter on Purch Inv Header table.

Am I missing something here - I thought the whole point of Security Filters was to allow access to the tables, filtering out the restricted records. Is there something wrong in my permission setup?

Any guidance gratefully received.

Categories:

Dynamics 365 Business Central

I have the same question (0)

All responses (6)

Answers (0)

Suggested answer

Alex A 3,068 Super User 2026 Season 1 on at

Like (4)

Report
Copy link

Link copied!

Hello, yes in theory it seems that you should be able to filter out any restricted records, but in practice it is not always recommended. Other than the warning messages and issues you're experiencing, I would be more concerned about the posting of transactions being interrupted. I have seen in earlier version of NAV a posting transaction get stopped midstream because of improper usage of security filters; meaning certain documents were updated and others were missing. This was not good.

So, I would use security filters sparingly, especially on ledger tables. There is another approach:

* Have a developer put a filter into the page itself, filtering out these vendors, for instance a Purchase Order list page that doesn't load those vendors for the user to see.

This puts the filter at the Page level instead of the Table Data level, and won't affect any posting or user processes/transactions. You would then assign this custom page to a Profile/Role, and then assign the users to that Profile/Role. Yes it's more work, but less problematic, and you can avoid potential data integrity issues.

Regards.

Was this reply helpful? Yes No
Suggested answer

Jainam M. Kothari 15,732 Super User 2026 Season 1 on at

Like (2)

Report
Copy link

Link copied!

Hello,

Security filters in Business Central restrict records globally, so when pages or reports query related tables (e.g., Vendor or Purch. Inv. Header), filters can block indirect access and cause errors instead of just hiding data.

Complex conditions like <>VND-SCD|<>VND-FGT often behave unpredictably, especially with joins and FlowFields.

Best practice is to use positive filters (e.g., Vendor Posting Group=FILTER(<allowed values>)), test key pages for dependencies, and consider separate permission sets for sensitive vendors rather than applying filters on highly referenced tables.

This ensures stability and avoids breaking list views or drilldowns.

2 people found this reply helpful.

Was this reply helpful? Yes No
Suggested answer

OussamaSabbouh 12,808 Super User 2026 Season 1 on at

Like (2)

Report
Copy link

Link copied!

Hello,

Security filters break because they cascade through related tables.

Your filters on Purch. Inv., Purch. Lines, VLE, etc. are causing random page failures.

Only apply the filter on Vendor (table 23). Remove all others.

Regards,

Oussama Sabbouh

1 people found this reply helpful.

Was this reply helpful? Yes No
Suggested answer

YUN ZHU 99,055 Super User 2026 Season 1 on at

Like (1)

Report
Copy link

Link copied!

Hi, hope the following helps as well.

Dynamics 365 Business Central: Using Security Filters and SecurityFiltering Property

https://yzhums.com/10133/

Thanks.

ZHU

Was this reply helpful? Yes No
Suggested answer

RockwithNav 8,941 Super User 2026 Season 1 on at

Like (2)

Report
Copy link

Link copied!

I can totally relate to this, and this is the behavior many people eventually experience. The point is that the way we visualize the security filter and the way it actually works are different. We’re unable to think of certain scenarios where it gets triggered, and that’s when we start facing issues. You need to tweak it further to eliminate the conditions where it gets stuck — that’s the only solution.

Was this reply helpful? Yes No
Gerardo Rentería Ga... 25,555 Most Valuable Professional on at

Like (1)

Report
Copy link

Link copied!

Hi, good day
I hope this can help you, and give you some hints.

Hide Confidential Records with Security in Business Central - Sharing The Righter Way - Cynthiapriebe.com

How to Use Security Filters in Microsoft Dynamics 365 Business Central for Record-Level User Access

Best Regards
Gerardo

Was this reply helpful? Yes No