Loading...

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Dynamics 365 / Dataverse TDS endpoint Control Access and rights
Dynamics 365 / Dataverse TDS endpoint Control Access and rights Lloyd Sebag Mon, 03/11/2024 - 15:29
Body

Dynamics 365  Dataverse TDS endpoint Control Access and rights

Following up on the previous two articles regarding subjects How to access the Dynamics 365 online SQL Server database and Dynamics 365 / Dataverse access SQL Server database from C#, here's a third one that will illustrate how to control access to this endpoint.

Initially, when this feature was first released, Microsoft hadn't yet implemented a mechanism allowing for selective access to this endpoint. It was an all-or-nothing scenario, where the parameter had to be activated at the level of the entire organization, either enabling it for everyone or for no one. Given that this endpoint granted access to data in a new way and was quite permissive, many companies simply opted not to activate it for security reasons.

However, Microsoft has now introduced a new option that could put TDS back in game. This option not only allows for enabling TDS for the entire organization as before, but also enables the selection of who, or rather which role, can use it. This is now possible thanks to the introduction of a new privilege named "prvAllowTDSAccess," which is rather self-explanatory :)

Here's the official documentation covering this feature: https://learn.microsoft.com/en-us/power-platform/admin/control-tds-settings

Step by Step 

To get started, go to admin.powerplatform.microsoft.com and select your environment  

Then click on Settings and navigate to Product > Features

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Then on the page, at the TDS Chapter level, you will see this new option: Enable user level access control for TDS endpoint

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Once activated, all you need to do is go to one of your security roles with which the user will have the right to access TDS and assign this privilege.

Go again to admin.powerplatform.microsoft.com and select your environment.

Then go to Users > Security Roles

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Then click on Miscellaneous privileges then select Show All Privileges and you should be able to add the prvAllowTDSAccess privilege to this role.

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

NB : If you are unable to see the list of Miscellaneous privileges you can also assign this via C# code. Explained in this article.  https://dynamics-chronicles.com/article/assign-privileges-security-role-code-c

Thus, all users with this role will be authorized to use the TDS endpoint, the others will receive an error!

Support of Security Roles 

An important point to remember, which may seem obvious, the user's security roles will apply to the requested SQL objects. Indeed, SQL actually exposes filteredviews applying the application's security model.

Thus, in the example below, the user has the right to access Contact data but not the configuration table. The user will get the following error if they try. 

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Dynamics 365 / Dataverse TDS endpoint Control Access and rights

Image
/sites/default/files/2024-03/Dynamics%20365%20%20Dataverse%20TDS%20endpoint%20Control%20Access%20and%20rights.jpeg

Published on:

Learn more
Featured Articles | Dynamics Chronicles
Featured Articles | Dynamics Chronicles

Welcome to our blog, the content is entirely dedicated to Microsoft Dynamics 365, CRM, Power Platform, Common Data Service (CDS) but also Azure. Follow us !

Share post:

Related posts

Microsoft Build 2025: Highlights across Copilot Studio and Power Platform

Microsoft Build 2025 delivered a wave of updates for agent makers. I’ve pulled together the announcements across Copilot Studio and Power Plat...

3 days ago

Debunking: Dynamics CRM Destination – How Text Lookup Works

When we want to push data to Dataverse/Dynamics CRM using SSIS – KingswaySoft, usually there are relationships (lookup) that we need to ...

6 days ago

Understanding Activity Party Types in Dynamics 365 CE

Dynamics 365 Customer Engagement features 11 unique activity party types, identified by specific integer values in the ActivityParty.Participa...

6 days ago

Empowering the Future: Microsoft’s Vision for an Agent-Powered Digital Era with Power Platform

What a busy week! The developer community got the latest updates on AI, Microsoft developer tools, and more at Microsoft Build 2025. Highlight...

7 days ago

Power Platform Data Export: Track Cloud Flow Usage with Azure Application Insights

In my previous article Power Platform Data Export: Track Power Apps Usage with Azure Data Lake, I explained how to use the Data Export feature...

8 days ago

Power Platform & M365 Dev Community Call – May 22nd, 2025 – Screenshot Summary

Call Highlights   SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...

9 days ago

Power Platform admin center – Dark Mode in the new PPAC

We are announcing the ability to use Dark Mode in the new Power Platform admin center. This feature will be introduced as part of the new Powe...

9 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy