Security Considerations when building a model-driven app in PowerApps

Security Considerations when building a model-driven app in PowerApps

If you’re a Dynamics 365 System Administrator, chances are you’ve played around with building model-driven apps in PowerApps. By now, it’s become glaringly clear that this is the direction Microsoft CRM has headed and will continue to head when it comes to configuration and customization.

For those of you have not yet ventured into the world of model-driven apps, this blog series will introduce you to the components, security considerations and functionality to help you get started.

This series will include six articles that will help you to get to know model-driven apps and PowerApps:

Security Considerations

Creating Model-Driven Apps. When building a model-driven app in Dynamics 365 using PowerApps, it’s important to understand security pre-requisites. You will need the System Administrator or System Customizer security role in Dynamics 365, or another role with Create, Read & Write access for Model-driven app.

Accessing Model-Driven Apps. If you are using custom security roles in your organization, it is important to ensure your users have Read access to Model-driven apps on the Customization tab:

Security role permissions for model-driven app
Troubleshooting Tip! If your users report not seeing an app or getting an error message saying the app is not accessible, make sure they have the Model-driven App Read privileges on the Customization tab!

Applying security role(s) to App. Take security a step further with model-driven apps and streamline which apps appear for your users. Make sure that they only see the apps they need to see. Here are 4 simple steps to limit access to a model-driven app by security role:

1. Go to My Apps, then select Home

2. In the App box, click the ellipses icon next to the App name

manage roles in a model-driven app

3. A panel will open on the right-hand side. Select the security roles who should access the App.

Select security roles for model-driven app

4. Click Save at the bottom.

Tip! You can hide the Dynamics 365 – custom App from all users by following steps 1 & 2 above. Clicking the ellipses on this App will give you the option to “Hide for all roles.”

Stay tuned for the rest of this series on building a model-driven app in Dynamics 365 using PowerApps.

Heidi Neuhauser
Posted on:
Heidi is a Partner at Reenhanced. She is a Microsoft MVP for Business Applications and is passionate about user adoption, out-of-the-box configuration tools, Dynamics 365 and the Power Platform.
Post author