Skip to main content

Notifications

Announcements

Join us in the Community for an AMA: December 12th Register Today
News and Announcements icon
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Hiding columns from ta...
Small and medium business | Business Central, N...
Suggested answer

Hiding columns from table in OData API calls

(1) ShareShare
ReportReport
Posted on by MarcL 4
We have a security problem with API access to our Business Central database.
We have a table that needs to be accessed by all employees.
That table contains Salary information fields that are hidden in BC but can be accessed via an OData API call from PowerBI or Excell.
I’m pretty sure our company wasn’t setup right, but API access must be maintained for reporting purposes and using linked tables is not a viable solution.
Applying security filters, from BC, to the specific fields doesn’t do the trick, since the hole line gets filtered, and we need it.  
Does anyone know how we can hide fields from API calls while the others, from the same line can still be read?
Thanks
Categories:
Business Central
Business Central
Business Central
Business Central
  • Suggested answer
    Saurav.Dhyani Profile Picture
    Saurav.Dhyani 17,965 Super User 2024 Season 2 on at
    Hiding columns from table in OData API calls
    Hi,
     
    You cannot change the field list exposed by a standard API.
     
    If it a custom API Endpoint created by your partner, you can ask them to remove fields that are sensitive and have a separate endpoint for specific people in team to access that data.
     
    If filters need to be applied on data that can also be done by a developer on Custom API Endpoint.
     
    Let me know if you have additional questions, but I think your solution should be simple enough with one or more custom API Endpoints.
     
    Regards,
    Saurav Dhyani
  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 73,565 Super User 2024 Season 2 on at
    Hiding columns from table in OData API calls
    Hi, hope the following helps.
    Dynamics 365 Business Central: Can we extend standard APIs? – Download Standard Source Code for APIs
     
    If you are using a Web Service, you can hide this field on the published page so that users cannot see it.
     
    If it is a Flowfield or TableRelation field, it can be managed through permissions.
    More details:
    Dynamics 365 Business Central: What happens if users don’t have permission to read the table set in a FlowField?
    Dynamics 365 Business Central: What happens if users don’t have permission to read the table set in the TableRelation Property?
     
    Thanks.
    ZHU
  • Suggested answer
    Valentin Castravet Profile Picture
    Valentin Castravet 24,793 Super User 2024 Season 2 on at
    Hiding columns from table in OData API calls
    I would create a copy of that API and exclude the salary field in the newly created API. All employees would use the new API. 
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join us in the Community for an AMA: December 12th Register Today

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,253 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,188 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans