Microsoft Power Platform · Dataverse Security Roles
App Opener
Allows a user to open and run a model-driven app but does not grant access to data inside the app. Always paired with another role that grants the actual data access.
Scope: Single Dataverse environment - app launch only, no data access
Permissions
- Apps - Open and run model-driven apps the user is shared on
- No data privileges - Must be combined with another role for read/write/delete access
Common use cases
- Lightweight role for users who need to launch an app without baseline Dataverse table access
- Pair with custom security roles for narrow per-app access
Common questions
When should I assign the App Opener role?
Assign App Opener when you need to: Lightweight role for users who need to launch an app without baseline Dataverse table access; and Pair with custom security roles for narrow per-app access. It is part of Microsoft Power Platform and should be granted as a least-privilege alternative to broader roles like Global Administrator.
What can someone with the App Opener role do?
The App Opener role grants permissions including: Apps - Open and run model-driven apps the user is shared on; and No data privileges - Must be combined with another role for read/write/delete access. See the Permissions section above for the full list.