Dynamics 365 / Dataverse TDS endpoint Control Access and rights
Dynamics 365 Dataverse TDS endpoint Control Access and rights
Following up on the previous two articles regarding subjects How to access the Dynamics 365 online SQL Server database and Dynamics 365 / Dataverse access SQL Server database from C#, here's a third one that will illustrate how to control access to this endpoint.
Initially, when this feature was first released, Microsoft hadn't yet implemented a mechanism allowing for selective access to this endpoint. It was an all-or-nothing scenario, where the parameter had to be activated at the level of the entire organization, either enabling it for everyone or for no one. Given that this endpoint granted access to data in a new way and was quite permissive, many companies simply opted not to activate it for security reasons.
However, Microsoft has now introduced a new option that could put TDS back in game. This option not only allows for enabling TDS for the entire organization as before, but also enables the selection of who, or rather which role, can use it. This is now possible thanks to the introduction of a new privilege named "prvAllowTDSAccess," which is rather self-explanatory :)
Here's the official documentation covering this feature: https://learn.microsoft.com/en-us/power-platform/admin/control-tds-settings
Step by Step
To get started, go to admin.powerplatform.microsoft.com and select your environment
Then click on Settings and navigate to Product > Features
Then on the page, at the TDS Chapter level, you will see this new option: Enable user level access control for TDS endpoint
Once activated, all you need to do is go to one of your security roles with which the user will have the right to access TDS and assign this privilege.
Go again to admin.powerplatform.microsoft.com and select your environment.
Then go to Users > Security Roles
Then click on Miscellaneous privileges then select Show All Privileges and you should be able to add the prvAllowTDSAccess privilege to this role.
NB : If you are unable to see the list of Miscellaneous privileges you can also assign this via C# code. Explained in this article. https://dynamics-chronicles.com/article/assign-privileges-security-role-code-c
Thus, all users with this role will be authorized to use the TDS endpoint, the others will receive an error!
Support of Security Roles
An important point to remember, which may seem obvious, the user's security roles will apply to the requested SQL objects. Indeed, SQL actually exposes filteredviews applying the application's security model.
Thus, in the example below, the user has the right to access Contact data but not the configuration table. The user will get the following error if they try.
Dynamics 365 / Dataverse TDS endpoint Control Access and rights
Published on:
Learn moreRelated posts
Power Platform admin center – Unlock customer managed key environments by restoring access to the key vault
We are announcing the ability to re-enable locked customer managed key environments in Power Platform admin center. This public preview featur...
Dynamics 365, Power Platform & Copilot 2025 Release Wave 2 Overview
With Microsoft’s upcoming October 2025 updates announced, we highlight the more interesting changes and new features. As with the Wave 1 relea...
Model-Driven Apps Workshop At Power Platform Conference 2025
Hey there folks 😺 I wanted to tell you about workshop I’m hosting called All-In: ... The post Model-Driven Apps Workshop At Power Platf...
Microsoft 365 & Power Platform Call (Microsoft Speakers) – Community Takeover – July 22nd, 2025 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...
Power Platform – Prompt Columns announcement
We are announcing the ability to use Prompt Columns, a new data type in Dataverse. This public preview feature will begin rolling out on July ...
Code Review vs Solution Review: Why Both Matter in Power Platform
In the Power Platform world, we often talk about code reviews for plugins, custom APIs, or PCF components. But what about the customizations—l...
Automating UI Testing for Canvas Apps with Power Platform Test Engine
Canvas Apps in Power Platform provide a flexible way to build rich, custom user interfaces using a low-code approach. However, as these apps g...
Dynamics 365, Power Platform, and Role-based Copilot offerings 2025 release wave 2 plans available now!
On July 16, 2025, we published the 2025 wave 2 plans for Dynamics 365, Microsoft Power Platform, and Role-based Copilot offerings which is a c...
Power Platform & M365 Dev Community Call – July 17th, 2025 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos I...
Power Platform – July 2025 – Screenshot Summary
Community Call Highlights Quicklinks: Power Platform Community: Power Apps Power Automate Power BI Power Virtual Agents Power Pages M36...