Microsoft clarifies who can access what inside Dataverse environments
Microsoft updated its Dataverse security roles documentation on 3 June 2026. The page now shows clearer mappings between predefined roles and the Power Apps, Power Automate, and Copilot Studio components that use them. No new roles were added. The change only improves how administrators see which built-in roles grant access to environments that contain a Dataverse database. Custom roles and environment-specific permissions still require separate configuration outside this documentation.
Until now, most builders treated Dataverse as an optional upgrade they could ignore until the app grew. The updated guidance removes some of that ambiguity by spelling out exactly which roles control which Power Platform products. Once an app moves to Dataverse, the permission model stops being the simple SharePoint list sharing the builder already understands and becomes a separate layer that must be managed alongside it.
Analysis
If your current app still fits in a SharePoint list, keep it there and avoid the second permission system. If you already need Dataverse for relational data or larger scale, spend one afternoon mapping the four or five roles your users will actually touch and write that mapping down before anyone else touches the environment.
Pulse published by Collab365 Spaces. Cite as "Microsoft clarifies who can access what inside Dataverse environments", Collab365 Spaces. 1 source referenced.