A Power Apps developer has sufficient permissions to create apps, connections, and flows.
The developer does not have permissions needed to access company data.
You need to grant the developer access to company data for an app.
Which predefined security role should you assign to the developer?
The Common Data Service User security role provides the necessary permissions to access and interact with Common Data Service (CDS) data, which is often the underlying data source for Power Apps. This role ensures the developer has the required permissions to work with company data within the app.
The Delegate role allows a user to access and manage certain types of company data, such as accounts and contacts, but not others, such as financial data. This role is typically used for individuals who need access to specific types of data for their job, such as a sales representative or customer service representative.
In exam 2022/Nov/21
Delegate: Allows code to impersonate, or run as another user. Typically used with another security role to allow access to records. More information: https://learn.microsoft.com/en-us/power-platform/admin/database-security#predefined-security-roles
CDS User: It has privileges to the core business tables, such as Account, Contact, and Activity.
C. Common Data Service User" security role. This role provides the necessary permissions to access and interact with the Common Data Service (CDS) data, which is often the underlying data source for Power Apps. Assigning this role ensures that the developer has the required permissions to work with company data within the app.
I would say the correct answer is C: Common Data Service User (now called Basic User). Based on: https://learn.microsoft.com/en-us/power-platform/admin/database-security#predefined-security-roles A: Environment Maker - NO "However, this role doesn't have privileges to access data in an environment." B: System Customizer - NO "Can view all custom table data in the environment. However, users with this role can only view records that they create in Account, Contact, Activity tables." C: Basic User - YES "It has privileges to the core business tables, such as Account, Contact, and Activity." D: Delegate - NO "Allows code to impersonate, or run as, another user." "The actual set of privileges that is used to modify data is the intersection of the privileges that the impersonator user possesses with that of the impersonated user. In other words, the impersonator is allowed to do something if and only if the impersonator and the impersonated user have the privilege necessary for the action."
CoPilot says System Customiser as this role provides the necessary privleges to access and configure data within the app. It allows customisation of the app without full admin privileges.
Environment Make - No Can create new resources associated with an environment, including apps, connections, custom APIs, gateways, and flows using Microsoft Power Automate. However, this role doesn't have any privileges to access data in an environment. System Customizer - No Has full permission to customize the environment. Can view all custom table data in the environment. However, users with this role can only view records that they create in Account, Contact, Activity tables. Basic User(CDS user) - No This user cannot access any custom entities and it is used for out-of-the-box entities only, can run an app in the environment and perform common tasks on the records they own. It has privileges to the core business tables, such as Account, Contact, and Activity. Delegate - Yes Allows code to impersonate, or run as, another user. Typically used with another security role to allow access to records.
C. Common Data Service User