How to: Create a Field Security

This walkthrough you will learn what needs to be set up in order to create a field security so you can authorize users for specific fields in a table in Microsoft Dynamics 365 Business Central.


Rental company RentCo wants to limit the permission to modify of the fields Gen. Bus. Posting Group, VAT Bus. Posting Group and Customer Posting Group on the customer card to one user, for blocked customers only. Five users have a permission set with the direct modify permission for the Customer table (id 18). Two users have authorizations through the default Dynamics 365 Business Central permission set SLS-CUSTOMER, the other three users have SLS-CUSTOMER, EDIT.

Because Business Central only supports authorization for complete tables, RentCo implements the extension Compliance Field Security.

  • Extension Field Security is installed and setup is completed
  • Setup of Field Security is done
  • To create field securites you need an account with only D365 BUS FULL ACCESS and LOCAL permission set assigned.

This walkthrough shows how to create the field security to authorize customer posting groups and block modification by non-authorized users.

1. Choose the Search field in the top right corner and search for Field Security List.

2. On the list of field securities, click New.

3. Fill the fields as necessary in the Field Security window:

  • The No. is populated automatically.
  • Document the purpose of the field security in the field Description.
  • Choose the AssistEdit button in the Table ID field and select the table Customer. Alternatively, you can enter id 18 without opening the list of tables.
  • Click Show more to also display the fields Filter Field No., Filter Field Caption and Filter Value.
  • Choose the AssistEdit button in the Filter Field No. and select the field Blocked. Again, you can also enter the id without opening the list of fields.
  • Enter the types of blocking in the Filter Value field.There are two approaches:* Enter the filter values by text, or * retrieve the list options of the field Blocked by entering 0|1|2|3 . The software retrieves the textual value, after which you can remove any status you do not need.
  • Default Editable defines the type of field security you set up.* ​​​​​​​False: default no fields can be modified except the ones you set up in the lines; * True: default all fields can be modified except the ones you set up in the lines.

4. Fill the lines on with the fields VAT Bus. Posting Group, Customer Posting Group and Gen. Bus. Posting Group. To select fields, click the AssistEdit button on the line and select a field in the list. Alternatively, you can enter the id's.

5. Additionally, create a new line with the field Blocked. Users need not be able to (un)block customers themselves if you use that field to determine whether they are allowed to edit the posting groups.

6. Permission to edit a field is granted through assignation of a permission set. Assign permission set(s) to the field you entered in the previous step.

  • Open the window Permission Sets per Field Security by clicking the number No. of Assigned Permission Sets on the line.
  • Click New to add a new line.
  • Choose the first line and select the AssisEdit button.
  • Confirm the selection by clicking OK. - Two important considerations when adding permissions sets: * Permission sets with direct (Yes) and indirect modify permissions, but without assigned field security can edit any field in the table, and * If a user has any permission set with an attached field security a permission set not included in the field security, the complete field security to that user. In short, a field security can only be active for all users if all permission sets with a modify permission in the system are assigned to the field security.

7. If you have set up one line with the permission sets, you can copy the linked permission sets to all fields defined with the option in the right mouse menu. Permission sets to be copied are added to those already present, no assigned permission sets are removed.

8. The field security is not loaded at user login until the Starting Date contains a date in the past (or today). Furthermore, the field security is inactive when the field End Date contains a date in the past.

  • The field security becomes active after the assigned permission set(s) are assigned to user account(s). Assign the permission sets to users who do not need to approve any purchase orders, purchase invoices or purchase credit memos.

​​​​​​​​​​​​​​9.If the user for which you have set up a field security logs out of Business Central and logs in again, the new configuration is activated.


  • complianceapps/3field_security/walkthroughs/1create_a_field_security.txt
  • Last modified: 2020/11/04 15:27
  • by luukvm