Edit

Share via


Roles and security in AI Builder

AI Builder relies on environment security and Microsoft Dataverse security roles and privileges to grant access to AI features in Power Apps, Power Automate, and Microsoft Copilot Studio. For more information, go to Security overview.

Some privileges are set by default in Dataverse. This allows built-in security roles to use AI Builder without further actions from system administrators. Specifically:

  • Environment makers can use AI Builder to create AI models and prompts.
  • Basic users can access data by using the models and prompts embedded in Power Apps.
  • System administrators and system customizers can access all AI models and prompts created in the environment.

These security roles have privileges to the AI Builder tables in Dataverse. Custom security roles can create AI models and prompts if they have the same access to the AI Builder tables as the Environment Maker role.

Screenshot of the security roles screen.

Scenarios such as object detection, category classification, and prediction need read access to Dataverse tables. Make sure Environment Makers have access to them. They need those tables for objects to detect, tagged text, and input data.

Some features need System Customizer privileges to publish your AI models and to allow them to be consumed. These actions can make changes to the Dataverse schema. Administrators should assign System Customizer privileges to users who want to create such AI models.

When you create a prediction AI model, a new data column is added to the input table to store the prediction results. For this reason, you need at least System Customizer rights to publish the model for the first time.

For category classification AI models, a data table is created for every new model as soon as the model runs for the first time. Therefore, only System Customizers or System Administrators can run the model. After the model runs, System Administrators must modify the access rights to the newly created category classification table in Dataverse to allow users to use the results.

Roles

Microsoft Dataverse permissions are mapped to the Dataverse standard roles. Assigning these roles to a user provides the necessary privileges to use AI Builder features as described in this table.

Privilege System Administrator/Customizer Environment Maker Basic User No privilege
View AI Builder Explore page
Create a model/prompt
View and use a created model/prompt owned or shared model/prompt owned or shared model/prompt
Create a flow to call a model/prompt
Create an app to call a model/prompt
Run a flow using a model/prompt owned or shared flow using an owned or shared model/prompt owned or shared flow using an owned or shared model/prompt
Run an app using a model/prompt owned or shared app using an owned or shared model/prompt owned or shared app using an owned or shared model/prompt
View AI Builder activity ✓ (all rows) ✓ (owned rows) ✓ (owned rows)

Tables and privileges

By default, a model/prompt is only accessible by the owner of the model/prompt, so it must be shared to be used by other users. To share a model/prompt:

Power Automate

  1. On the left panel:

    • (For models) On the left panel, select AI Models > My models > model name
    • (For prompts) On the left panel, select AI Models > the Prompts now have their own section tile > My prompts > prompt name
  2. To access its details page, find and select the model’s or prompt's name.

  3. On the top-left corner, select Share.

Power Apps

  1. On the left panel, select AI Hub > AI prompts or AI Models.
  2. To access its details page, find and select the model’s or prompt's name.
  3. On the top-left corner, select Share.

Microsoft Copilot Studio

  1. On the left panel, select Prompts (preview) > My prompts.
  2. To access its details page, find and select the model’s or prompt's name.
  3. On the top-left corner, select Share.

The following table shows the AI Builder system tables, which are installed by default on every new environment. The tables are used to store the model configuration and training data. Each table shows the Dataverse privilege applied by AI Builder, including when a user shares a model. See the legend below the table.

Dataverse table Contains Create
Dataverse privilege
Use
Dataverse privilege
AI Builder Dataset (FP, OD, EE) Model’s training configuration Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Builder Dataset File (FP, OD) Model’s training configuration Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Builder Dataset Record (EE) Model’s training data Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Builder Dataset Container (FP, OD, EE) Model’s training configuration Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Builder File (FP, OD) Model’s training files Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Builder File Attached Data (FP, OD) Model’s training configuration Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Configuration Model's versions Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Event Model activity Users have access to the rows they've created Users have access to the rows they've created
AI Model Model Users have access to the rows they've created Users have access to the rows they've created
(when shared)
AI Template Model type stereotype Users have access to all the rows of the table Users have access to all the rows of the table
User-defined table to be predicted
(batch P & CC only)
Users must be granted access to the subset of rows required for the business Users must be granted access to the subset of rows required for the business

Users have access to the rows they createdUsers have access to the rows they created.
Users must be granted access to the subset of rows required for the business Users must be granted access to the subset of rows required for the business.
Users have access to all the rows of the table Users have access to all the rows of the table.
FP: document processing OD: object detection EE: entity extraction P: prediction CC: category classification

The training files stored in the AI Builder File table are accessible only by the person who created the model. The exception is the administrator, who can view and delete any model, related data, and configuration.

AI Builder doesn’t support shared ownership of a model. It's possible to change the owner by following this procedure in Share your AI model.

Security concepts in Dataverse