Dynamics 365 Contact Center – Privileges and role-based access

🚨 The Signal: Dynamics 365 Contact Center now supports role-based access via Microsoft Entra security groups. This simplifies access management, reducing the risk of privilege creep and improving consistency for agents and customer service representatives.

The Impact

Admins are affected by a change that improves access control security by centralising role assignments.

  • Admins: Reduced manual effort for user provisioning and de-provisioning.
  • Security Teams: Improved consistency and auditability of access assignments.
  • Users: Consistent access to required Dynamics 365 Contact Center functions.
  • Compliance Teams: Easier demonstration of least privilege principles.

The Action

  1. Create a Microsoft Entra security group and add relevant users.
  2. In Power Platform admin center, create a Dataverse team.
  3. Set the Dataverse team type to 'Microsoft Entra ID Security Group'.
  4. Link the Dataverse team to the newly created Entra security group.
  5. Assign required user security roles (e.g., Basic User, Omnichannel Agent) to the Dataverse team.

Domain: Entra · Impact: medium · Workload: M365 Apps · Essential Eight: Restrict Administrative Privileges, Multi-Factor Authentication · ISM: ISM-0109, ISM-0123, ISM-0140, ISM-0445, ISM-0974, ISM-1173, ISM-1175, ISM-1228, ISM-1380, ISM-1401, ISM-1504, ISM-1505, ISM-1507, ISM-1508, ISM-1509, ISM-1647, ISM-1648, ISM-1650, ISM-1679, ISM-1680, ISM-1681, ISM-1682, ISM-1683, ISM-1686, ISM-1688, ISM-1689, ISM-1815, ISM-1819, ISM-1872, ISM-1873, ISM-1874, ISM-1883, ISM-1892, ISM-1893, ISM-1894, ISM-1897, ISM-1898, ISM-1906, ISM-1907