Need an easier way to apply security roles where you provide I.T. with a more central method of updating memberships to grant access to things? Or perhaps need to grant access to Dataverse data based on peoples existing memberships in role based security groups in Azure Active Directory?
In this blog post, I’m going to show you how to do just that with Dataverse teams linked with AAD security groups. It’s nice and simple, just follow these steps! 🙂
Creating an AAD security group
The first thing we need to do is create a security group in Azure Active Directory to use. Or we can use an existing one. You can do this via the Microsoft 365 admin center, the Azure Portal or via various command line methods.
I’m going to create a security group in the Microsoft 365 admin center.
Following this we’ll need to go into the Power Platform admin center, and select the environment we want to apply security roles in.
Creating a Dataverse team based on an AAD group
Head to the Power Platform admin center at admin.powerplatform.microsoft.com, then select ‘environments’.
Now select the environment you want to apply access to using the membership of your just created security group.
From here under ‘Access’ we need to select ‘See all’ under ‘Teams’.
You might have a few things here already, but select ‘Create team’
From here we can start to create our Dataverse team with a name and description. We’ll need to provide the business unit we want to put it under and give it an administrator. For the team type, we then want to select ‘AAD Security Group’, then use the ‘Group name’ input to search for your AAD group that you created or that pre-existed and you want to use.
Next we’ll be able to apply the security roles we want to the team we’ve just created.
Click save and thats it! Now you have a security group in Azure AD and you’re applying a Dataverse security role to the membership of that security group!
Hopefully you found this blog post helpful. If you didn’t understand something, let me know in the comments below.