Power Apps / Dynamics 365 for Customer Engagement provides a security model based on:
- Organization hierarchy security – building a tree of organization units
- Role-based security – grouping a set of privileges together via the security Role.
- Record-based security in Dynamics 365 Customer Engagement (on-premises) focuses on access rights to specific records.
- Field-level security in Dynamics 365 Customer Engagement (on-premises) restricts access to specific high business impact fields in an entity only to specified users or teams.
You can combine hierarchy, role-based security, record-level security, and field-level security to define the overall security rights that users have within your Power platform / Dynamics 365.
Power Apps / Dynamics 365 security Knowledge Base consist:
- Business units
- Security roles
- Security teams
- User management
- Record security
- Field security
There are multiple articles on MSDN and expert blogs that would be referenced during the KB topics. There are two old but still solid documents from Microsoft that recommended to read:
- Access Teams with Microsoft Dynamics CRM 2013 – initial guide created right after the Access team was introduced. Average size and easy to read. Would be helpful to understand key differences between Access and Owner teams
- Scalable Security Modeling with Microsoft Dynamics CRM 2015 – a very solid guide on all aspects of Dynamics security. This white paper describes how security modeling features in Microsoft Dynamics CRM 2015 and Microsoft Dynamics CRM 2016 related to authorization work at scale, the associated implications, and guidance on common and recommended usage patterns for modeling Microsoft Dynamics CRM 2015 and Microsoft Dynamics CRM 2016 security at scale, incorporating teams as appropriate. This document is still actual and highly recommended. It would be hard to read but it would be valuable knowledge for you.