Successful Security Setup for Model-Driven Apps

By Kaylee Allard | December 30, 2019

Successful security setup for model-driven apps

Power Apps has empowered us to easily create and build Model-Driven apps. Requiring no heavy coding or experience, you can develop these apps to meet a variety of business needs. And with the recent 2019 release of Dynamics 365 Customer Engagement wave 2, the end-user experience continues to be enhanced with functionality improvements and additions. Building a Model-Driven app is (fairly) simple, but when deploying you must keep security roles and end-user access in mind.

You can choose what users see and access from the ‘My Apps’ page or Customer Engagement home page by giving app-access to specific security roles. Users will have access to apps based on the security roles they’re assigned to. When deploying, there are multiple potential areas that can affect the user’s ability to access part or all of the app. Below, I’ve provided a comprehensive list of common areas to check if the user can’t see the app or access certain parts of it.

1) Security role is not granted access to the app

The most common reason a user can’t see or access the app is that the user doesn’t have a security role with access to the model-driven app. Although you can grant any role to any app, this can get messy. If you give a primary security role access to an app, you are giving everybody assigned that role access to the app. In the scenario of deploying multiple apps, you will find yourself in situations where you want to grant access to the app to selected people, and not everyone. This is where the beauty of the app access role design comes into play and lets you easily control access to apps without modifying your primary security roles.

In security roles, you will notice some roles appear in your list that contain “app access”. You can simply add these app access roles to any user to make the app show in up their app list, and you can remove that security role to make their access to the model-driven app disappear.

App Access

2) User is missing model-driven app privilege in security role

Once your users are assigned the correct security role granting them access to the app they need, you need to make sure that security role is assigned to the Model-Driven app. To do this, navigate to My Apps or Customer Engagement home page and click the ellipses next to the app you’re assigning a security role to. By selecting Manage Roles, a list of all security roles will pop up on the right-hand side. Here is where you select what security roles have access to the selected model-driven app.

Customer Service Hub

Manage Roles

3) Grant access to entities or records in the security role or license

You do not have sufficient privileges to view this record. Contact your system administrator”. This error message can be frustrating for an end-user, so be sure to add necessary entities that are included in your app when managing security roles- and don’t forget about custom entities. These can be found under the Custom Entities tab for a security role.

Security Role - Sales Manager

4) Security role needs access to forms, dashboard, and business process flows in the app

When you’re deciding what forms, dashboards, and business process flows will exist in your model-driven app, make sure your users who will be using the app have the correct security set up to have access to them. Business Process Flows are represented as a custom entity and come with their own set of privileges that can be edited within a security role just like any other system or custom entity. You can specify the privileges in the Business Process Flows tab for a security role.

Key Takeaway: Do your due diligence when setting up security for a Model-Driven app. Make sure your users have appropriate privileges in multiple areas. And if you do run into security issues, run through this non-exhaustive list provided.

If you are looking for more information or have more questions about Model-Driven apps, please reach out to us at Stoneridge Software!


Related Posts

Recommended Reading:

Performance Turning Webservices in Dynamics 365 Business Central: Migrate Your Integrations off SOAP and Move to OData or API

Dynamics 365 Business Central users will soon be unable to use SOAP web services when making application functionality available to […]

Read the Article

Stoneridge Software Selected for 2022 Microsoft US Partner Award – Dynamics 365 Business Central

Stoneridge Software is honored to be selected as a 2022 Microsoft US (MSUS) Partner Award winner for Dynamics 365 Business […]

Read the Article
6.29.22 Dynamics CRM

Reduce Manual Data & Increase Productivity with Dynamics 365 for Sales

Dynamics 365 for Sales has a ton of great features to help automate processes for you and your team to […]

Read the Article

Dynamics 365 Business Central Boolean Field Bug Temporary Fix

If you are a Dynamics 365 Business Central cloud (SaaS) customer who is using Edge or Chrome to run the […]

Read the Article

Using Non-Sequential Numbering to Prevent Locking In Your Dynamics 365 Business Central System

Running into locks in your system? Enable non-sequential numbering on your number series to prevent number series locking issues! As […]

Read the Article
6.24.22 Dynamics GP

Uncommonly Used Features: Setting Up Account Categories in Dynamics GP

This is the final part of my current series on Uncommonly Used Features in Dynamics GP. In this post, I […]

Read the Article

Increase User Productivity in Dynamics 365 Business Central with These 10 Tips

There are constantly evolving ways for you to increase user productivity in Dynamics 365 Business Central. Here are 10 tips […]

Read the Article

Star Tribune Lists Stoneridge as a Top 200 Workplace for 2022

Stoneridge Software’s emphasis on creating a positive and flexible culture has earned recognition as a top workplace in Minnesota. The […]

Read the Article
6.14.22 Dynamics GP

Uncommonly Used Features – Reconciling Sub-ledger to GL using the Reconcile Routines in Dynamics GP

As we continue the uncommonly used features series, with this post I want to show you how to reconcile your […]

Read the Article

Start the Conversation

It’s our mission to help clients win. We’d love to talk to you about the right business solutions to help you achieve your goals.

Subscribe To Our Blog

Sign up to get periodic updates on the latest posts.

Thank you for subscribing!