Roles and security in AI Builder
AI Builder relies on environment security and Microsoft Dataverse security roles and privileges to grant access to AI features in Power Apps, Power Automate, and Microsoft Copilot Studio. For more information, go to Security overview.
Some privileges are set by default in Dataverse. This allows built-in security roles to use AI Builder without further actions from system administrators. Specifically:
- Environment makers can use AI Builder to create AI models and prompts.
- Basic users can access data by using the models and prompts embedded in Power Apps.
- System administrators and system customizers can access all AI models and prompts created in the environment.
These security roles have privileges to the AI Builder tables in Dataverse. Custom security roles can create AI models and prompts if they have the same access to the AI Builder tables as the Environment Maker role.
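One way to check that a custom role matches Environment Maker on the AI Builder tables, as an added example (not Microsoft's code). It assumes each role's table privileges have been exported into the dictionary shape shown. The function name `compare_roles` is hypothetical, and the role data is constructed sample input, not the real Environment Maker privileges.

```python
# Dataverse access levels, lowest to highest.
DEPTH = {"None": 0, "User": 1, "Business Unit": 2,
         "Parent: Child Business Units": 3, "Organization": 4}

# AI Builder system tables, by the display names used on this page.
AI_BUILDER_TABLES = [
    "AI Builder Dataset", "AI Builder Dataset File", "AI Builder Dataset Record",
    "AI Builder Dataset Container", "AI Builder File",
    "AI Builder File Attached Data", "AI Configuration", "AI Event",
    "AI Model", "AI Template",
]

def compare_roles(baseline, candidate, tables=AI_BUILDER_TABLES):
    """Return (missing, excess) lists of (table, right, baseline_level, candidate_level).
    missing: candidate is below the baseline, so model/prompt creation may fail.
    excess:  candidate is above the baseline, a least-privilege finding.
    Roles are dicts: {table: {access_right: level_name}}; absent means "None".
    """
    missing, excess = [], []
    for table in tables:
        base_rights = baseline.get(table, {})
        cand_rights = candidate.get(table, {})
        for right in sorted(set(base_rights) | set(cand_rights)):
            b = base_rights.get(right, "None")
            c = cand_rights.get(right, "None")
            if DEPTH[c] < DEPTH[b]:
                missing.append((table, right, b, c))
            elif DEPTH[c] > DEPTH[b]:
                excess.append((table, right, b, c))
    return missing, excess

# Constructed sample data (hypothetical, not real Environment Maker values).
SAMPLE_MAKER = {
    "AI Model": {"Create": "User", "Read": "User", "Write": "User", "Share": "User"},
    "AI Configuration": {"Create": "User", "Read": "User", "Write": "User"},
    "AI Template": {"Read": "Organization"},
}
SAMPLE_CUSTOM = {
    "AI Model": {"Create": "User", "Read": "Organization", "Write": "User"},
    "AI Configuration": {"Create": "User", "Read": "User"},
    "AI Template": {"Read": "Organization"},
}

if __name__ == "__main__":
    missing, excess = compare_roles(SAMPLE_MAKER, SAMPLE_CUSTOM)
    for label, rows in (("MISSING", missing), ("EXCESS", excess)):
        for table, right, base, cand in rows:
            print(f"{label}: {table} / {right}: baseline={base}, custom={cand}")
```

Entries reported as excess are worth reviewing even when model creation works, because they give the custom role broader row access than Environment Maker has.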
Scenarios such as object detection, category classification, and prediction need read access to Dataverse tables. Make sure Environment Makers have access to them. They need those tables for objects to detect, tagged text, and input data.
Some features need System Customizer privileges to publish your AI models and to allow them to be consumed. These actions can make changes to the Dataverse schema. Administrators should assign System Customizer privileges to users who want to create such AI models.
When you create a prediction AI model, a new data column is added to the input table to store the prediction results. For this reason, you need at least System Customizer rights to publish the model for the first time.
For category classification AI models, a data table is created for every new model as soon as the model runs for the first time. Therefore, only System Customizers or System Administrators can run the model. After the model runs, System Administrators must modify the access rights to the newly created category classification table in Dataverse to allow users to use the results.
Microsoft Dataverse permissions are mapped to the Dataverse standard roles. Assigning these roles to a user provides the necessary privileges to use AI Builder features as described in this table.
Privilege | System Administrator/Customizer | Environment Maker | Basic User | No privilege |
---|---|---|---|---|
View AI Builder Explore page | ✓ | ✓ | ✓ | ✗ |
Create a model/prompt | ✓ | ✓ | ✗ | ✗ |
View and use a created model/prompt | ✓ | owned or shared model/prompt | owned or shared model/prompt | ✗ |
Create a flow to call a model/prompt | ✓ | ✓ | ✗ | ✗ |
Create an app to call a model/prompt | ✓ | ✓ | ✗ | ✗ |
Run a flow using a model/prompt | ✓ | owned or shared flow using an owned or shared model/prompt | owned or shared flow using an owned or shared model/prompt | ✗ |
Run an app using a model/prompt | ✓ | owned or shared app using an owned or shared model/prompt | owned or shared app using an owned or shared model/prompt | ✗ |
View AI Builder activity | ✓ (all rows) | ✓ (owned rows) | ✓ (owned rows) | ✗ |
By default, a model/prompt is only accessible by the owner of the model/prompt, so it must be shared to be used by other users. To share a model/prompt:
- On the left panel:
  - (For models) Select AI Models > My models > model name.
  - (For prompts) Select AI Models > the Prompts now have their own section tile > My prompts > prompt name.
- To access its details page, find and select the model’s or prompt's name.
- On the top-left corner, select Share.
- On the left panel, select AI Hub > AI prompts or AI Models.
- To access its details page, find and select the model’s or prompt's name.
- On the top-left corner, select Share.
- On the left panel, select Prompts (preview) > My prompts.
- To access its details page, find and select the model’s or prompt's name.
- On the top-left corner, select Share.
The following table shows the AI Builder system tables, which are installed by default on every new environment. The tables are used to store the model configuration and training data. Each table shows the Dataverse privilege applied by AI Builder, including when a user shares a model. See the legend below the table.
Dataverse table | Contains | Create Dataverse privilege | Use Dataverse privilege |
---|---|---|---|
AI Builder Dataset (FP, OD, EE) | Model’s training configuration | (when shared) | |
AI Builder Dataset File (FP, OD) | Model’s training configuration | (when shared) | |
AI Builder Dataset Record (EE) | Model’s training data | (when shared) | |
AI Builder Dataset Container (FP, OD, EE) | Model’s training configuration | (when shared) | |
AI Builder File (FP, OD) | Model’s training files | (when shared) | |
AI Builder File Attached Data (FP, OD) | Model’s training configuration | (when shared) | |
AI Configuration | Model's versions | (when shared) | |
AI Event | Model activity | | |
AI Model | Model | (when shared) | |
AI Template | Model type stereotype | | |
User-defined table to be predicted (batch P & CC only) | | | |
Users have access to the rows they created.
Users must be granted access to the subset of rows required for the business.
Users have access to all the rows of the table.
FP: document processing; OD: object detection; EE: entity extraction; P: prediction; CC: category classification
The training files stored in the AI Builder File table are accessible only by the person who created the model. The exception is the administrator, who can view and delete any model, related data, and configuration.
AI Builder doesn’t support shared ownership of a model. It's possible to change the owner by following the procedure in Share your AI model.