Business Central allows various levels of security that can be used to restrict User access to different features or objects.
We can use Permission Sets to prevent User access to specific objects like reports or pages.
For more refined, row-level authorization we can use Security Filters to restrict access to individual record based on some filters.
- Business Central OnCloud or OnPremise
Suppose, you want the User to only be able to access a specific set of Customers.
You can either create your own Permission Set from scratch, in which you will describe all the objects that the User will have access to or you can copy one of the existing ones by clicking on “Copy Permission Set” and then entering a new name for the permission set. Do note that you require proper permissions to make changes to Permission Sets as well.
- Open the Permission Set, by clicking on the “Permissions” action and Scroll to the Right.
- Click on the three dots next to the Security Filter field.
- Select the field(s) which you want to filter by clicking on the three dots next to the Field Number and then click on OK.
- Set a value for the filter in the “Field Filter” field. You can add as many filters as required and any Business Central filter is valid in this field (Except for wildcard characters). Once you are done, click on Close.
- Click on OK and add (in case there are no other permission sets and you have created your own) or replace (in case you have copied the permission set) the new permission set onto the User in the “User Permission Sets” tab of the User card.
- Login to the User Account and verify that only the records that match the mentioned filters are visible to the Users.
Thus we saw how to create and configure security filters in Business Central for maintaining record level security.
As a side note, I would like to highlight that in Business Central, in case a User has multiple Permission Sets containing different levels of permissions for the same object then Business Central combines these Permission Sets and uses the least restrictive group of Permissions. As such if you apply a Permission Set with a Security Filter and another Permission Set without the filter on the same object, Business Central will use the one without the Security Filter as it is least restrictive.