Microsoft Power Platform · Dataverse Security Roles
System Administrator
Highest Dataverse security role. Full control over the Dataverse environment including schema, security roles, and all data.
Scope: Single Dataverse-enabled environment
Permissions
- Schema - Create, modify, and delete tables, columns, relationships
- Security roles - Create and assign Dataverse security roles
- All records - Full create, read, update, delete, append, append-to, assign, share on all tables
- Solutions - Import, export, and manage solutions
- Business units - Manage the business unit hierarchy
- Field security - Configure column-level security profiles
Common use cases
- Dataverse platform owner
- Solution implementer (typically removed post-deployment)
Best practices
- Cannot be removed from Environment Admins automatically
- Limit to 2-3 users per environment
- Document why each System Administrator needs the role
Security considerations
- Bypasses business unit and field-level security
- Can grant System Administrator to others
- Cannot be assigned via security groups inside Dataverse (assigned directly to users)