Security for entity ID filtering

Additional security roles, operations, and tasks are defined for the Dynamics GP service to support entity ID filtering. These roles, operations, and tasks indicate whether entity ID filtering will be applied for the current web service user.

For example, granting access to a role that contains the operation Query Sales Orders allows the user to retrieve any sales order. Granting access to a role that contains the operation Query Sales Orders Based On User allows the user to retrieve only those sales orders that have an ID (such as the Salesperson ID) mapped to the current Windows User.

Roles that contain the tasks and operations that implement entity ID filtering have the word "Self" in their name. Users assigned to these roles will be able to see only objects that are associated to them based on the entity ID assignments. For example, the Salesperson - Self role provides access to customer, salesperson, and sales transaction information for the salesperson assigned to the current user.

The following diagram shows how the security settings for entity ID filtering control access for a "GetByKey" operation in the Dynamics GP service:

When entity ID filtering is used for GetList operations, the Scope property of the criteria used for the operation also affects what values are returned. You will learn more about using the Scope property in Implementing entity ID filtering. The following diagram shows how the Scope property and security settings for entity ID filtering control access for a "GetList" operation in the Dynamics GP service: