web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Default access level f...
Customer experience | Sales, Customer Insights,...
Answered

Default access level for fields with Field Level Security

(0) ShareShare
ReportReport
Posted on by James 2

Hi

I have a custom entity with some fields on it that need to be readable by any user that has read-access to the entity via security roles, but only updateable by one specific Team, regardless of whether the current user has write-access permissions to that entity record as a whole.

If I use FLS (which I thought would be the correct way), then I have to create a Team for all users that need to be able to read those fields. The problem with this is that this list changes... 

Is there a way to set the default access level on a FLS field to read-only, and then use the field security profiles to grant additional permissions, e.g. write?

I considered a business rule, but how would you check team membership?

The only other way I can think to do this is to remove the FLS, and rather use a real-time workflow that fires on update of any of the "read-only" fields, and then use Demian Rasko's Workflow Tools to determine if the triggering user is in the team or not, and cancel the workflow if not.

Has anyone had a similar issue with resolution that they could share?

Much appreciated,
James

I have the same question (0)
  • Suggested answer
    Johao Larios Profile Picture
    Johao Larios 1,795 on at

    Hello there,

    Have you tried buy hide or show those fields using javascript?

    Another thing that I think is that to use business rules, you can use a JS to get the team or permissions of the current user, then save in a custom boolean field if the fields should be read only or not and base the business rule on that field.

    docs.microsoft.com/.../getuserprivilege

    community.dynamics.com/.../how-to-retrieve-a-user-s-teams-javascript

    regards .

    If this answers your question, please mark this an answer.

  • Verified answer
    Feridun Kadir Profile Picture
    Feridun Kadir 1,705 Most Valuable Professional on at

    You should use FLS because that will protect the field regardless of how the user tries to get the data (in a form, view, or export to Excel).

    Create two field level security profiles -one that gives read access and one that gives write access to the fields.

    Add the default business unit teams to the one that gives read access - then everyone gets read access without you having to manage membership.The default business unit teams are managed automatically by Dynamics. You'll need to add the default business unit team for every business unit in your organisation.

    In the other field security profile (the one that gives write access), add a team (perhaps created especially) and then add in the users that need write access to that team.

  • James Profile Picture
    James 2 on at

    Thank you, Feridun, I'd completely forgotten about default business unit teams. I've reverted to this solution.

    And thank you, Johao - I was busy doing what you'd suggested myself when I saw your answer, but Feridun's is more in line with what I'm trying to achieve.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 170 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 61

#3
Gerardo Rentería García Profile Picture

Gerardo Rentería Ga... 52 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans