/
BC Permission Sets

BC Permission Sets

In this article

Introduction

Permissions in Business Central control what users can access and do within the system. Permissions are grouped in Permission Sets, which can be assigned directly to users or Security Groups. Permission sets help you manage the information that users can view or modify.

This document explains permission sets, shows you how to determine what’s included in a permission set, and demonstrates how to make basic edits to a permission set. Permission sets are used to manage the level of access your users have in your 365 Cannabis system. They can be broad or grant access to specific information. Access can be granted to:

  • Tables

  • Table Data

  • Reports

  • Pages

  • And more

Permission sets are cumulative, meaning that a user can have multiple permission sets that add together. If you add several permission sets to a user, then they will be granted access to all the information in all of those permissions.

365 Cannabis provides a set of standard permission sets to meet the needs for most roles that we see, but system administrators can also create their own permission sets or modify existing ones. We recommend speaking with one of our consultants for more information on how to modify and create permission sets.

See more from Microsoft here:

Define granular permissions - Business Central

To view permission sets

  1. Search for Permission sets.

  2. To view the complete list of the tables and items that a permission set gives access to, select the permission set that you’d like to view and select Permissions in the ribbon.
    NOTE: You may need to select the ellipses in the ribbon the reveal the Permissions option. You may also select the vertical ellipses and select Permissions from there.

  3. A table will open that displays information about the permission set. You’ll be able to see the following columns:

    1. Object Type

    2. Object ID

    3. Object Name

  4. Information about the level of access a user has with that permission set.

  5. You can make changes to this permission set by selecting the line you want to edit and then selecting More options > Actions. From there, you’ll see options to make changes to the selected line on a permission set.

  6. The main fields that allow users to make changes to the system are as follows:

    1. Insert – Gives users the ability to add entries to the specified table.

    2. Modify – This allows a user to make changes to existing entries on the table.

    3. Delete – Allows the user to remove entries from the table.

Types of Permission Sets

  • System: Predefined by Microsoft. Cannot be edited.

  • Extension: Added via apps/extensions.

  • User-Defined: Custom permission sets that can be edited or created by you.

Creating or Editing a Permission Set

  1. Navigate to Permission Sets.

  2. Select an existing set and click Copy Permission Set (only if it’s not user-defined).

    image-20250716-202454.png

  3. Modify the new user-defined set:

    • Add/remove Table Data.

    • Define Read, Insert, Modify, Delete, or Indirect rights.

    • “Indirect” means access is granted through another permitted table (e.g., dropdown selections).

Assign permission sets to users

See more from Microsoft here.

Minimum Required Access

To log in and use the system, a user needs at a minimum:

  • 365 Basic permission set

  • If not using the SUPER permission, ensure basic access sets like 365 Basic and Agriware OPS are included.

  • SUPER grants all access and overrides other sets.

  1. Navigate to the User Card.

  2. Scroll to the User Permission Sets FastTab.

  3. Select the Permission Set you’d like this user to have.

  4. Optionally define Company Access:

    • Leave the Company field blank = access to all companies.

    • Specify a company = restrict to that one only.

    image-20250716-201547.png

Effective Permissions and Testing Access

View a User’s Effective Permissions

  • Go to Effective Permissions.

  • Select the user.

  • Review what they can do per table (Read/Insert/etc.).

Important Testing Tips

  • Never test new permissions on your own user; you could lock yourself out.

  • Use a test user or schedule time with a colleague to try new permissions.

Best Practices

  • Start with a permissions matrix in Excel:

    • Define roles, required tasks, and assign permissions accordingly.

  • Avoid over-restricting access unless required for compliance.

  • Use simplified profiles (like “365 Simplified Finance” or “365 Simplified Cultivation”) for cleaner user interfaces.

  • Don’t assign unnecessary permissions if “SUPER” is applied—this can clutter and confuse the setup.

Troubleshooting Login and Access Issues

  • If a user cannot log in:

    • Ensure they have at least 365 Basic.

    • Check if company access is blank (for all companies) or restrictively set.

    • Refresh the browser or ask them to sign out and back in after changes.

  • If errors persist despite permissions:

    • Review their Profile Role Center.

    • Validate that the company assigned matches the one in the permission set.

    • Contact your system admin or IT if using Azure Security Groups for further control.