System and application users
There is a list of special system and application users that is created when the system is provisioned. Special system users are created for integration and support scenarios. Application users are created during system provisioning for setup and configuration management. Application users can also be used for performing back-end services.
Most of these users are hidden from user views but they can be found by using the Advanced Find on the Users entity. Do not delete or modify these users including changing or reassigning security role.
|User type||Full name||User name||Purpose||Security role assigned|
|Support email@example.com||To allow Microsoft support staff to have restricted/limited access to any customer environment for customer support||Support user (does not have privilege to customer data)|
|Delegated firstname.lastname@example.org||See For partners: the Delegated admin||System admin|
|Application||Business Application Platform Service email@example.com||To setup Power Apps system and configurations||System admin|
|Dynamics 365 Athena-CDStoAzuredatalake||Dynamics365Athena-CDStoAzuredatalake@onmicrosoft.com||Service application to perform data integration between Microsoft Dataverse to Azure Data Lake||DataLakeWorkspaceAppAccess|
|Dynamics 365 Athena2-CDStoAzuredatalake||Dynamics365Athena2-CDStoAzuredatalake@onmicrosoft.com||Service application to perform data integration between Dataverse to Azure Data Lake||DataLakeWorkspaceAppAccess|
|Dynamics 365 EnterpriseSales-CDStoAzuredatalake||Dynamics365EnterpriseSales-CDStoAzuredatalake@onmicrosoft.com||Service application to perform data integration between Dataverse (Sales) to Azure Data Lake||N/A|
|# SIAutoCapture||SIAutoCapture@onmicrosoft.com||To be used for Auto Capture solution business requirements to perform data query and execute plugins from backend services.||SalesInsights AutoCapture Admin|
|# Dynamics 365 Sales||Dynamics365Sales@onmicrosoft.com||To allow Dynamics 365 Sales to communicate with Dataverse and Azure Data Lake for analysis and data updates.||Sales system data sync and EAC App Access|
|Microsoft Project||Project@microsoft.com||Allow Project for the Web and Roadmap Service to communicate with Dataverse||Project System and Portfolio User|
|Power Apps Checker Application||Pacheckerapp@microsoft.com||To perform static analysis of Power Apps solutions to assist in identifying performance and stability risks||Export customizations and Solution checker|
|Powerqueryonline-CDStoAzuredatalake||Powerqueryonline-CDStoAzuredatalake@onmicrosoft.com||Service application to perform data query between Dataverse and Azure Data Lake||N/A|
|Provision Userfirstname.lastname@example.org||To perform Application installation from AppSource or System updates from Microsoft||System admin|
|DataLakeStorage||DataLakeStorage@onmicrosoft.com||To allow solutions to manage workspaces, workspace permissions and the discovery of workspaces.||DataLakeWorkspaceAppAccess|
|JobServicePreProd||JobServicePreProd@onmicrosoft.com||Enable satellite services to schedule and dispatch messages to independently built workloads with guaranteed delivery of messages based on service-defined policies.||System admin|
|JobServiceProd||JobServiceProd@onmicrosoft.com||Enable satellite services to schedule and dispatch messages to independently built workloads with guaranteed delivery of messages based on service-defined policies.||System admin|
|# CCADataAnalyticsML||CCADAAdmins@onmicrosoft.com||To allow AI insights in customer care apps like Customer Service, Field Service, etc.||System Customizer and System admin|
|# CDSReportService||CDSReportService@onmicrosoft.com||To allow user to run reports.||N/A|
|Power Platform Dataflowsemail@example.com||Power Platform Dataflows service application to perform data preparation and loading into Dataverse and Azure Data Lake||System Customizer and Delegate|
The purpose of the system account?
- The System user is a built-in user account that is used to allow customers to perform system updates via plug-ins.
- The primary usage of this user account is to meet special business requirements that require elevation of privileges; for example, running background processes to integrate with other applications.
- It can also be used to handle rollup scenarios where individual users do not have the required privilege. For example, the priority of a Case is automatically set to the highest priority of an individual user’s tasks and individual users can only update their own task priority but not the Case priority.
Technical details on permissions?
- This user account can perform any actions and has all system privileges.
- Records created/updated by this user account are audited.
Technical details on the security?
- This user account cannot sign in to Dynamics 365 apps.
- Administrators have the option to use this user account when registering their plug-ins.
- This user account does not have a mailbox, so they cannot be used to send or receive emails.
- The details of this user account cannot be modified from the User Form interface.
- This user account does not show up in any views.
The purpose of the application users?
- The application user is a built-in user account that is used to perform integration and system back-end service to support a particular feature.
- Since these are built-in user accounts, they cannot be updated. The security role that is assigned to these accounts cannot be updated either. This is to prevent any service outages.