web

You’re offline. This is a read only version of the page.

Dynamics 365 CommunityForums Microsoft Dynamics 365 | Integration, Dataverse... Dataverse entity needs...

Microsoft Dynamics 365 | Integration, Dataverse...

Answered

Dataverse entity needs two groups with different Column Security Profiles

(4) Share

Report

Report

Posted on by MightyFerengi

14

Have a Dataverse entity setup to be created by any user with access to the app/environment. Each record will need to be accessed by users in two groups, Managers and Approvers. Managers need to be able to access all columns except the handful of Approver columns, which they can read from, but not write to. Approvers need to be able to access the handful of Approver columns, but can only read all other columns.

The real issue with this is that ANY user could be in ANY role on ANY record. If John Doe is a Manager on record 001, he can't write to the Approver columns on record 001, but he can read from them. However, if he is an Approver on record 002, he can write only to the Approver columns and can only read from the remaining columns.

This means that Access Teams are not a solution as Column Security Profiles can't be assigned to Access Teams. Likewise, Owner Teams are not a solution as each record will need two Owner Teams and this functionality is not supported.

I'm beginning to think I'll need a custom plugin that will work off of the Service Account and check the user's role assignment (Manager or Approver) in a related User-Record table. That way, the records could stay owned by the Service Account and security on Dataverse would be maintained.

Does this sound like the right direction to go or am I missing an easier solution?

Categories:

Dynamics 365 general

I have the same question (0)

All responses Img

All responses (2)

Answers Img

Answers (1)

Verified answer

Amit Katariya007 10,409 Super User 2025 Season 2 on at

Like (3)

Report

Dataverse entity needs two groups with different Column Security Profiles

You can use simple JS.

but this will fail when user is trying to see this information using advanced find, as we can not able to handle show/hide info here.

Best way to implement your requirement is.

1. Create 2 entities. First one will have All the fields that manager needs. Second one will have all the fields which approver need.

2. Now make sure this records own by a service user. And depending upon the role, you can share this records with the Manager and approver. So that you don't have to maintain permissions on record level and field security level.

Was this reply helpful? Yes No
MightyFerengi 14 on at

Like (0)

Report

Dataverse entity needs two groups with different Column Security Profiles

Thanks @Amit Katariya007, that worked great!

Was this reply helpful? Yes No

Join the conversation

Helpful resources

News and Announcements

Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1

Sahan Hasitha 242

#2

André Arnaud de Cal... 83 Super User 2025 Season 2

#3

Sohaib Cheema 68 User Group Leader

Last 30 days Overall leaderboard

Featured topics

Identifying an Org as CDS or Dynamics

Get batch job history log from D365 FO to Power Automate

Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans