Configuring Field Level Security Profile
In our last blog, we shared knowledge on Global Search in MS CRM 2015. Today, let’s discuss about how to Configure Field Level Security Profile in MSCRM 2015.
In MSCRM, Record-level permissions are granted at the entity level. Sometimes, we may have certain fields associated with an entity that contain data that is more sensitive than the other fields. For these situations, we use field level security to control access to specific fields.
Permissions Available for Field Level Security
A security profile can be configured to grant user or team members the following permissions at the field level:
- Read. Read-only access to the field’s data.
- Create. Users or teams in this profile can add data to this field when creating a record.
- Update. Users or teams in this profile can update the field’s data after it has been created.
A combination of these three permissions can be configured to determine the user privileges for a specific data field.
Let’s use the example of restricting access to user John Smith on the field named Password that appears on the Contact entity form.
In the customization page for the Contact entity, a new field Password is added and Field security option is set to enable. The customization is saved and published.
The next step is to define a Field Security Profile.
Navigate to Settings > Security > Field Security Profiles.
Create a new profile Restrict Contact Password and save it. Now click on Field Permission as shown in screenshot
It will show list of all the fields which are enabled for Field Security Profile. We can select the access from the different level of access which are Read, Write and Update.
In our case, we are not allowing user John Smith either to Read, Write or Update. Hence we have given No to all these levels.
Once these permissions have been configured we can select which users and/or team(s) the Field Security Profile will apply to, i.e. which users and teams will be restricted from accessing this field.
User John Smith is added into the restricted user list.
Now when the user John Smith logs into the CRM, he is not allowed to update/read the field Password as shown in below screenshot
In CRM 2013 this feature was limited to custom fields. But CRM 2015 has included Field Security to OOB fields as well.
In CRM 2013, Field Security property for a field will be disabled by default.
But the same will be enabled in CRM 2015.
Field security can’t be applied on the Primary key fields.
Thanks!! And we will keep sharing our knowledge..
A Dynamics CRM developer who is passionate about learning CRM which excites him.All stories by: Vijay Bonam