web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Permission set - Sales...
Small and medium business | Business Central, N...
Suggested Answer

Permission set - Sales manager

(0) ShareShare
ReportReport
Posted on by JohnBluerell 36

Dear All,

Good day!

I need my sales manager to enter quote, ask for approval and convert in order. They should only access to their clients quote (I did that with responsibility center). All other information are sensitive and thay must not access them. Of course I can customize their view and disable them to edit it but it looks not secure. If they can someway get a valid url to a different page they can see data inside. 

  1. Permission is the way. 
  2. Permission are difficult.
  3. I need your help.

Recording function is cool but out of the box does not allow webclient to run. Microsoft sudgest to always add "BASIC" permission set. This "BASIC" is 589 entry and include many sensible table: invoices, purchase orders, accounting table ecc... Is not so basic at all. I think is "BASIC" for a generalistic user. 

I need a permission set with the minimum record rrequired to "run" the webclient and then on the top of that ad the recorded one. How can I find / build it?

Many thanks

I have the same question (0)
  • Suggested answer
    Bilal Haider Profile Picture
    Bilal Haider 442 on at

    Hi,

    BASIC is the permission set with minimum basic set of permissions.

    Create a new Permission set by copying the Permissions of BASIC. Expand the permissions and then remove the tables, pages and code units access that you want to restrict. In this way you'll have BASIC-(Restricted Page/Table/CU ) permissions.

    e.g. You can restrict the posting of Sales/Purchase Orders by restricting execute access to Posting Code units.  

    PS. yes permissions are a little difficult

    Regards,

    Bilal

  • JohnBluerell Profile Picture
    JohnBluerell 36 on at

    First of all: thanks.

    An opt-out aproach is not good. I can easily exclude all the table that I know the user should not access but what about the tables that simply I don't know?

    > Excluding all of them will lead to the webclient not to run.

    > Letting them in is a security issue since they can (and probably does) include sensible information.

    I found some reference about "foundation" permissions. It looks like what I need. Can I trust that no sensible information is stored on those tables? 

  • Suggested answer
    Marco Mels Profile Picture
    Marco Mels Microsoft Employee on at

    Hello,

    Maybe this helps:

    docs.microsoft.com/.../ui-define-granular-permissions

    Thanks.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the March Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,948 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,048 Super User 2026 Season 1

#3
Teagen Boll Profile Picture

Teagen Boll 727 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans