With role-based security, access to finance and operations apps is not granted to individual users, but to security roles to which users are assigned. A user who is assigned to a security role has access to the set of privileges that is associated with that role. If a user isn't assigned to a role, they are unable to access the finance and operations apps application.

To access finance and operations apps and be assigned to a role, a user must have an authenticated Microsoft Entra ID account.

In finance and operations apps, role-based security is aligned with the structure of an organization. Users are assigned to security roles based on their daily job responsibilities. Depending on the user, one role or many roles might be assigned. Roles contain duties, privileges, and permissions that control access to system components. The administrator grants access to the user for the duties that they perform. After security roles, duties, and privileges have been set up, business managers can control user access as their business needs change.