Exercise - Create a new security role

  • 5 minutes

Security is consistently one of the highest concerns of any business decision maker as they investigate implementing a cloud-based solution. Showing how security roles can tailor user access to their specific business need is a simple way to demonstrate the value of model-driven applications.

Learning objectives

At the end of this exercise, you will have configured a new security role for Contoso Research.

High-level steps

  1. Access the Dynamics 365 model-driven app settings.
  2. Create a new security role.
  3. Configure privileges and access levels per the business requirement.
  4. Configure settings for the new entity.

Detailed steps

You need to show Contoso Research how Dynamics 365 security roles can be custom-made to fit their business model. One of their personnel roles is a Survey researcher. Survey researchers call Contacts and facilitate a survey over the phone.

Survey researchers will get assigned a certain number of Contact records at the beginning of a shift. Their job is to call the contact records in their queue, as assigned by a manager. A survey researcher will only call contacts that are in their business unit. To protect the privacy of the other contacts in the system, survey researchers should not be able to view any contact outside of their business unit. In some cases, contacts will request that they not be called again. Survey researchers should then be able to check a field called "Do not call" on the Contact record.

  1. In Power Apps Admin center, select the model-driven app environment.

  2. Click on the Dynamics 365 Administration Center link in the Details tab to manage the environment in the Dynamics 365 Admin center.

  3. Select the environment (with the same name of environment) and select Open.

  4. If you see published apps and tiles, look in the upper-right corner and select the Gear icon. Then select Advanced settings.

  5. Select Security Roles.

  6. Select New.

  7. From the security role designer, enter a role name in the Details tab.

  8. Select a tab and search for the Contact entity.

  9. Select the privileges based on your business requirement.

    • Select Business Unit access for Read on Contact.
    • Select Business Unit access for Write on Contact.
    • Select None for all other privileges.

  10. Select Save and Close.