Skip to main content

Notifications

Announcements

🌸 Community Spring Festival 2025 Challenge & Updates🌸
Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages - Security / Row Level Security
Power Pages - Security
Suggested answer

Row Level Security

(1) ShareShare
ReportReport
Posted on by PL-21021440-0 8
Hi,
 

Power Pages are used to display table data to users, who have assigned roles. I want to restrict the data a user can see from a particular table based on their assigned role(s).

For example, the Customers table contains customer-related data, and a user should only have access to the customers their role permits them to see.

Another example is the Requests table, where one role can see all requests, while individual users can only see their own.

I really appreciate the guidance on how to approach this.

 

Thanks, Pabloo.

Categories:
General
  • Suggested answer
    Fubar Profile Picture
    Fubar 7,821 Super User 2025 Season 1 on at
    Row Level Security
    The portal uses a security model based on Contact and Account, it does not make use of the Dataverse Owner/Teams or Business Unit based security model.
     
    Your internal AD.Entra user will get a Contact record created for them, and this contact will have an entry in the External identities table (linked to that Contact record) which contains a link and a guid which is their Entra/AD guid - so is not directly linked to the System User record in dataverse.
  • PL-21021440-0 Profile Picture
    PL-21021440-0 8 on at
    Row Level Security
    Hi Fubar,
     

    Thank you for your suggestions. You've covered some important points related to the Power Pages security mechanism, but I don't see how it depends on the business unit security model that I want to achieve.

    I understand that the Scope (Contact, Account, Global) works like a WHERE statement when querying a database. However, what I would like to achieve is filtering data based on the assigned business unit

    P.
  • Suggested answer
    Fubar Profile Picture
    Fubar 7,821 Super User 2025 Season 1 on at
    Row Level Security
    You need to configure appropriate Table Permissions either from inside the Power Pages designer or from the Power Pages Management App, and assign those permissiions to a Web Role your portal user will be using.
     
    To access their own records you need to create a table permission with Scope = Contact, and also make sure that the record in question has a Lookup to the Contact table that is populated with the portal users Contact record (if they create/update the record from the portal you can populate the contact lookup either by using settings on the form or via a metadata record for the basic or multistep form step).
    To access all records, Scope = Global, to access records for their Account record (where using the out of the box parent account relationship) Scope = Account.
     
     
     
     
  • PL-21021440-0 Profile Picture
    PL-21021440-0 8 on at
    Row Level Security
    Hi 
     

    Thanks for sharing this link—it helped me better understand the Business Units security model.

    On paper, it seems like an out-of-the-box functionality, but after several attempts, I can't get it to work as described, or I might still be missing something. Could you advise whether my approach is correct and what might be missing?

    Here’s what I have done so far:

    • Enabled the "Record ownership across Business Units" feature.
    • Created a table.
    • Created two Business Units (one parent, one child) under Power Platform Admin Center → Settings → Business Units.
    • Created two Security Roles—one assigned to the parent BU and the other to the child BU—under Power Platform Admin Center → Settings → Security Roles.
    • Assigned Business Units to users under Power Platform Admin Center → Settings → Users.
    • Ensured that data in the Owning Business Unit column is assigned to the newly created Business Units.

    In Power Pages:

    • Created a table view.
    • Set up a site to display a simple list showing records from the table view.
    • Granted site access to users.

    Issue:

    Users can see all records, regardless of the Business Unit assigned.

    Could you help identify what might be missing in my configuration?

  • Michael E. Gernaey Profile Picture
    Michael E. Gernaey 40,272 Super User 2025 Season 1 on at
    Row Level Security
    Hi,
     
    You would need to go into Dataverse / Power Platform Admin.
     
    For each Role, you would need to configure the Row + Column Level Security so that they only see their's. Its not relative to Power Pages specifically as once set the roles ./ rows etc is for any app that uses dataverse itself to protect the data.
     
    Please take a look at this and let me know if you have further questions. If it solves yours request please mark as such.
     
     
    Thanks!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🌸 Community Spring Festival 2025 Challenge & Updates🌸
Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities

Quick Links

🌸 Community Spring Festival 2025 Challenge 🌸

WIN Power Platform Community Conference 2025 tickets!

Markus Franz – Community Spotlight

We are honored to recognize Markus Franz as our April 2025 Community…

Kudos to the March Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 146,524 Most Valuable Professional

#2
RandyHayes Profile Picture

RandyHayes 76,287 Super User 2024 Season 1

#3
Pstork1 Profile Picture

Pstork1 65,898 Most Valuable Professional

Leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans