security-unified-service-desk.md

title	description	ms.date	ms.topic	author	ms.author	search.audienceType	ms.custom	tags
Manage access in Unified Service Desk | MicrosoftDocs	Learn how to control user access to Unified Service Desk by using configuration and security roles.	06/27/2024	article	gandhamm	mgandham	admin	evergreen	MigrationHO

Access management in Unified Service Desk

Overview of access control

[!INCLUDEpn_unified_service_desk] configuration entities and the underlying [!INCLUDEpn_user_inteface_integration_uii] entities are stored in Microsoft Dataverse, and you can use the Dataverse security model to govern access to both of these entities. Dataverse has a robust security model that combines role-based, record-level, and field-level security to define the overall security rights that users have. [!INCLUDEproc_more_information] Security concepts for Microsoft Dynamics CRM

[!INCLUDEpn_unified_service_desk] users can be broadly classified into two categories:

• Administrators: People who configure the [!INCLUDEpn_unified_service_desk] and UII entities to define an agent application.

• Agents: People who use the [!INCLUDEpn_unified_service_desk] client application to read the configuration in the [!INCLUDEpn_unified_service_desk] and UII entities to perform their day-to-day work in a call center.

Using Unified Service Desk security roles

When you deploy [!INCLUDEpn_unified_service_desk] to the Dataverse instance, four security roles are created:

• UIIAdministrator and UIIAgent roles define access to the UII and required the Dataverse entities.

• USD Administrator and USD Agent roles define access to the [!INCLUDEpn_unified_service_desk] entities, the underlying UII entities, and required the Dataverse entities. You must assign one of these two roles to users in your organization depending on their job role (administrator or agent).

  [!INCLUDEproc_more_information] Implement security using custom security roles

Using Unified Service Desk configuration

Another approach to filtering access to [!INCLUDEpn_unified_service_desk] data is through the use of configurations. A configuration is the logical grouping of various components in the [!INCLUDEpn_unified_service_desk] agent application such as action calls, agent scripts, entity searches, events, and hosted controls. The configuration can be assigned to a user so that when the user starts the [!INCLUDEpn_unified_service_desk] agent application, only the components included in the configuration are displayed. This is a great way to filter things that you want to be displayed to your agents without having to manage their security roles. However, please keep the following things in mind:

• A configuration can only be assigned to a user, and not to a team in Dataverse.

• A configuration only filters the components when you access [!INCLUDEpn_unified_service_desk] information through the client application. If you access Dataverse or [!INCLUDEpn_microsoft_dynamics_crm_for_outlook] directly, you can access data as per your Dataverse security role.

  [!INCLUDEproc_more_information] Manage access using Unified Service Desk configuration

See also

Manage access using Unified Service Desk security roles

Manage access using Unified Service Desk configuration

[!INCLUDEfooter-include]