Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages - Security / Restricting Column-Lev...
Power Pages - Security
Answered

Restricting Column-Level Access in Dataverse Table for Specific Web Roles

(2) ShareShare
ReportReport
Posted on by CU11072008-0 4
Hi everyone,

I'm currently working on a Power Pages project using Dataverse and have encountered a challenge regarding data visibility based on web roles.
I have a Dataverse table named "Items", which contains both general and technical data. The requirement is that only users with the "Supplier" web role should be able to view the technical data columns, while users with the "External User" role should not have access to these specific columns.

Here's what I've done so far:
+I’ve configured table permissions correctly for both web roles.
+I’ve also attempted to use column-level permissions, but it seems this approach is either insufficient or not the right method in this context.
+The site settings appear to be correctly configured, and general access to the table works as expected.

However, the technical data is still visible to both roles. Is there any Solution without a Azure Function App?
Categories:
General
  • Verified answer
    TD Profile Picture
    TD 36 on at
    Restricting Column-Level Access in Dataverse Table for Specific Web Roles
    G'Day,
     
    Can clarify some confusion to this as:
    Web roles do not map directly to Dataverse security roles.

    • Web roles are Power Pages-specific constructs used to define permissions for authenticated website users (contact-based users)

    • Dataverse security roles are for internal users (licensed users like employees with a Power Apps or Dynamics 365 license)

    • And there is no direct mapping between the two.

    It could be the PowerPages will still respect dataverse-level CLS and locks externals out by default. But since you've stated that dataverse-level CLS is either insufficient or not the right method in this context, then i would suggest another table which wraps the existing table with the technical data columns for your internal facing app or portal which can be accomplished by their using the original DV table as an external data source on a virtual table and adding custom columns to it or simply using the original table as a lookup in the table with technical data column.

    Appreciate that this isn't an ideal solution,

    Rgrds,

    TD

    If this solved your issue, please mark it as the ✅ Accepted Answer and give it a like 😊.

  • Suggested answer
    Michael E. Gernaey Profile Picture
    Michael E. Gernaey 45,183 Super User 2025 Season 2 on at
    Restricting Column-Level Access in Dataverse Table for Specific Web Roles
     
    Please read this
     
    From here you can also see the other layers in case you need help with those as well. 
     
    Again since you didn't share any pictures or anything of what you did, I cannot tell you what you didn't do correctly, but I can point you to the documentation.
     
    If this helps resolve your issue please Mark as such, and Maybe a Like
     
    If you still have issues, please sure pictures of specifically what you are doing so it can be verified as the right steps
    Thanks
  • CU11072008-0 Profile Picture
    CU11072008-0 4 on at
    Restricting Column-Level Access in Dataverse Table for Specific Web Roles
    Thank you very much for your response. I really appreciate your input.
     
    However, I’m currently looking for a solution specifically for external users accessing our site through Power Pages. These users are not internal to our organization and authenticate via the portal. 
     
    From your message, I believe you are referring to the Dataverse security roles for internal users, which unfortunately do not apply to external portal contacts. Column-level permissions and role assignments in that context don’t seem to have an impact on visibility for Power Pages visitors.
     
    Would you happen to have experience with securing API access or data visibility based on Web Roles used in Power Pages?
  • Suggested answer
    Michael E. Gernaey Profile Picture
    Michael E. Gernaey 45,183 Super User 2025 Season 2 on at
    Restricting Column-Level Access in Dataverse Table for Specific Web Roles
     
    please share pictures of what you did exactly for this 
     

    +I’ve also attempted to use column-level permissions, but it seems this approach is either insufficient or not the right method in this context.
     
    As that isn't enough information to say what you did was correct or not.
     
    You should only have to go to the Entity, Data Tab, click Security Roles and associate the roles to what privilege you want for what role by adding it and then assigning the permission
     
    Cheers

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Now Available: 2025 Release Wave 2
Welcome to the Power Platform Communities
Announcing our 2025 Season 2 Super Users!

Quick Links

Announcing our 2025 Season 2 Super Users!

A new season of Super Users has arrived, and we are so grateful for…

Paul Stork – Community Spotlight

We are honored to recognize Paul Stork as our July 2025 Community…

Congratulations to the June Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Pages

#1
Lucas001 Profile Picture

Lucas001 60 Super User 2025 Season 2

#2
Fubar Profile Picture

Fubar 55 Super User 2025 Season 2

#3
surya narayanan Profile Picture

surya narayanan 35

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans