Assign security roles
Important
Some or all of this functionality is available as part of a preview release. The content and the functionality are subject to change.
You can assign roles and access management in Project ESG Reporting (preview) based on individual user needs. To provide these enhanced security and privacy capabilities, Project ESG Reporting (preview) uses the role-based security model in Dataverse.
Dataverse provides a default set of security roles, which you can learn more about in Predefined security roles in the Power Platform documentation. If necessary for your organization, you can create new security roles by editing one of the default security roles and then saving it under a new name.
You can assign more than one security role to a user. The effect of multiple security roles is cumulative, which means that the user has the permissions associated with all security roles assigned to the user. To learn how to create or edit a security role, go to Create or edit a security role to manage access in the Power Platform documentation.
Security roles are associated with business units. For any business unit you create, only the security roles associated with the business unit are available for the users in the business unit. You can use this feature to limit data access to data owned by the business unit.
You can align your structure in Project ESG reporting (preview) to Dataverse's business units to accomplish your required role-based access. For more information, go to Security concepts in Microsoft Dataverse in the Power Platform documentation.
Project ESG Reporting (preview) provides three predefined roles that you can assign to your teams or users. You aren't required to use these roles.
| Security role | Usage purpose | Security scope |
|---|---|---|
| ESG Reader | Can view the environment. | Read access only. |
| ESG Full Access | Can view, add, delete, edit across the environment. | Read and write. |
| ESG Approver | Can access the approval records to review. | Read and write for approval records only. |
If you want to modify these roles, follow the steps in Save time creating a security role by copying one in the Power Platform documentation.
Assign roles
To assign security roles to a user, you need to have the appropriate privileges (minimum privileges are Read and Assign). To prevent elevation of security role privileges, the person who assigns the security role can't assign someone else to a security role that has more privileges than the assigner. After confirming appropriate privileges, you can add a user and assign them a role by following the steps in Add users to an environment that has a Dataverse database in the Power Platform documentation.
To add or create and assign roles to teams, refer to Microsoft Dataverse teams management in the Power Platform documentation.
