BuilderVault
Cheat sheet

Dataverse Security Roles Cheat Sheet

Fast guidance for table privileges, ownership, business units, teams, app sharing, and test-user validation.

Dataverse security rolesmodel-driven app accessPower Platform permissions

Who this helps

Developers and admins configuring secure access for Dataverse apps.

What to standardize

  • Confirm table ownership before designing roles.
  • Share the app and assign the right security role.
  • Test with a real non-admin user.
  • Document team-based access separately from record ownership.

Examples

Role review checklist

Validate access before production release.

Formula / code
- Can create own request
- Can read team requests
- Cannot delete closed requests
- Can run related flows
- Can open model-driven app
- Can access required environment

Expected result: Security issues are found before users report missing buttons or inaccessible records.

Common mistakes

  • Testing only as system admin
  • Sharing the app but not assigning roles
  • Ignoring environment access