web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Data Visibility Issue ...
Customer experience | Sales, Customer Insights,...
Suggested Answer

Data Visibility Issue with OData API in Dynamics CRM

(1) ShareShare
ReportReport
Posted on by JG-11121256-0 7
We have identified a security issue in Dynamics CRM where users accessing the system via the OData API can retrieve all data. This behavior violates expected security boundaries and could lead to unauthorized data exposure.
Please investigate and provide a resolution or guidance on how to limit data exposure based on user roles for OData API access.

 
Categories:
Microsoft Dynamics CRM
I have the same question (0)
  • Suggested answer
    Guido Preite Profile Picture
    Guido Preite 54,086 Moderator on at
    the OData API respects the access to the data defined by the security role associated to the user.
    Let's do an example: with "User 1" the user is able to retrieve all Account records. The reason is that "User 1" has a security role associated (directly or indirectly by a team membership for example) that allows the access to read Account table with Organization right.
     
  • CU19121149-0 Profile Picture
    CU19121149-0 3 on at
    How would you share Accounts records safely across multiple "Owners" ? e.g A table records has one owner but need data updates by another user who is not the owner. Cant add this user to the "Team" to restrict unneccessary data exposure

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Congratulations to our 2025 Community Spotlights

Thanks to all of our 2025 Community Spotlight stars!

Congratulations to the February Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
ManoVerse Profile Picture

ManoVerse 180 Super User 2026 Season 1

#2
11manish Profile Picture

11manish 123

#3
CU11031447-0 Profile Picture

CU11031447-0 100

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans