In Power Platform / Dynamics 365 Customer Engagement, you use field-level security to restrict access to specific fields to specific users and teams. Field-level security can be applied to both custom fields and many out-of-box (OOB) fields.
The following steps describe how to restrict access to a field:
- Enable field-level security for an attribute
- Create a field-level security profile
- Associate users or teams with the profile
- Add specific field permissions, such as Create, Update or Read for a specific attribute to the profile
Which attributes can be secured?
To see which attributes can be secured, you can query the entity metadata for the following properties:
There are a few additional rules that apply to certain attribute data types:
- Boolean attributes can be secured for create and update operations but not for read.
- Option set attributes can be secured for create, update, and read when a default value is unspecified.
Entity-level / Record-level field security
Field level security by default enables field-level protection for the whole entity. There are some tricks to apply field-level security on the specific record level (TBD).
When you call the data Retrieve and RetrieveMultiple null values are returned for secured fields. There are no exceptions.
Create or update cases
When you call the Create or Update method, passing data for secured fields and the caller does not have sufficient permissions, an exception is thrown.