Security roles

A security role in Dataverse and the Dynamics 365 CRM-side apps is a named bundle of privileges on tables (create, read, write, delete, append, append-to, assign, share), each with a scope (user, business unit, parent:child BU, organisation). Users are assigned one or more security roles; their effective access is the union of all assigned roles. Microsoft ships built-in roles — Salesperson, Customer Service Representative, System Administrator, etc. — that customers copy and adjust. Field-level security profiles, teams, and row sharing complement security roles for finer-grained control. Designing a clean role hierarchy is one of the most important Power Platform implementation tasks; running an audit annually keeps it tidy.