Microsoft Power Platform · Dataverse Security Roles

App Opener

Allows a user to open and run a model-driven app but does not grant access to data inside the app. Always paired with another role that grants the actual data access.

Scope: Single Dataverse environment - app launch only, no data access

Permissions

Apps - Open and run model-driven apps the user is shared on
No data privileges - Must be combined with another role for read/write/delete access

Common use cases

Lightweight role for users who need to launch an app without baseline Dataverse table access
Pair with custom security roles for narrow per-app access

Official Microsoft Learn documentation →

Open the interactive RBACMap →