User Access Flow for Microsoft 365 Licences
Security groups are new to Business Central in 2023 release wave 1. They're similar to the user groups that this article mentions. Like user groups, administrators assign the permissions to the security group that its members need to do their jobs.
User groups will no longer be available in a future release. You can continue using user groups to manage permissions until then. To learn more about security groups, go to Control Access to Business Central Using Security Groups.
This article describes what happens when a user accesses Business Central data using their Microsoft 365 licence for the first time. Understanding this flow allows administrators to plan their approach and configure Business Central to match their business needs.
- First, the user’s identity is authenticated
- Business Central verifies that all the minimum requirements are met.
- Business Central verifies that this user does not have a greater licence, such as a Business Central licence or an administrative role such as a delegated admin role.
- Business Central verifies whether the user is accessing data that belongs to an environment that has enabled access with Microsoft 365 licences.
- The user record is provisioned in Business Central, assigning the User Group, Profile and Permission Sets defined in the Microsoft 365 licence configuration page. By default, the Teams Users user group is assigned, the Employee profile is assigned, and only the Login permission set is assigned. Any other defaulting of user settings is also applied, just like a licensed Business Central user.
- The full Business Central security model is applied, to determine whether the user should be able to access the record, page, in the specified company and specified environment.
If all steps succeed, the user can now view this Business Central data in Teams. The Business Central service automatically ensures read-only access and simplifies the UI.
The user account is now registered in Business Central and can be managed like any Business Central user.
Note
Steps may vary depending on any additional security configuration that you have specified in Microsoft 365 or Business Central.
See also
Business Central Access with Microsoft 365 licences
Set Up Access with Microsoft 365 Licences
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for