Microsoft Dynamics 365 Business Central offers powerful tools to manage user permissions. Among these, Security Filters play a crucial role in enhancing data security and operational control. This blog will walk you through what security filters are, how to apply them, and how to use the SecurityFiltering property effectively.
📌 What Are Security Filters?
Security Filters restrict access to specific records in a table based on defined field-level conditions. Unlike regular permissions, which control access to entire tables, security filters allow granular control over which rows a user can see.
🛠️ How to Apply Security Filters
Here’s how you can configure a security filter in Business Central:
✅ Step 1: Go to the Permission Sets page and click New to create a custom permission set.
✅ Step 2: Open the permission set and click the Permissions action to manage table access.
✅ Step 3: Add or locate the relevant Table Data entry (e.g., Table 18 for Customers).
✅ Step 4: In the Security Filter column, click the ellipsis (…) to open the filter editor.
✅ Step 5: Choose a field (e.g., Customer No.) in the Field Number column.
✅ Step 6: In the Field Filter column, enter filter values like:
Customer No. = 10000|20000
🔔 Note:
Wildcards like * and? are not supported. Use operators such as =, |, .., <, >.
✅ Step 7: Assign the permission set to the appropriate user from the Users page.
🧰 Understanding the SecurityFiltering Property
When you create security filters, you limit a user’s access to data in a table. Therefore, code that requires access to all data in a table fails, and the user receives an error message.
For example, the filter is the same as above. Customer.” No.” = 10000|20000
A security filter has been applied to the table Customer. You cannot access records that are outside of this filter.
You can resolve potential conflicts with security filters and specify the desired behavior by setting the security filtering mode on Record variables to determine how the security filters are applied.
Applies To:
- Record variables
- Records on pages, reports, and XMLports
- Query variables
Modes Explained:
| Mode | Description |
| Filtered | Applies security filters (recommended default for normal data visibility). |
| Ignored | Ignores all security filters (use with caution). |
| Disallowed | Throws an error if any security filters are present. |
| Validated | Applies filters and errors if the code accesses restricted records. |
Syntax:
RecordVar.SecurityFiltering: = SecurityFilter:: < Disallowed | Filtered | Ignored | Validated>
[SecurityFiltering (SecurityFilter:: <Disallowed | Filtered | Ignored | Validated>)]
Let’s see some examples:
1. SecurityFiltering::Filtered: If a record is set to Filtered, then any security filters that have been set are respected for this instance of the record. To the user, it is as if records outside the security filters do not exist.
2. SecurityFiltering::Ignored: If a record is set to Ignored, then any security filters that have been set are ignored for this instance of the record.
3. SecurityFiltering::Disallowed: If a record is set to Disallowed, setting any security filter on it causes an error.
4. SecurityFiltering::Validated: If a record is set to Validated, then any security filters that have been set are respected for this instance of the record, and an error occurs if the code attempts to access a record that is outside the range of the security filters.
Error:
No Error:
🧭 Best Practices for Using Security Filters
- Always test security filters in a sandbox before deploying to production.
- Use Validated mode for critical operations that should not run with partial data access.
- Document all filters applied for audit and troubleshooting purposes.
- Avoid using Ignored mode unless absolutely necessary.
📚 Conclusion
Security Filters in Microsoft Dynamics 365 Business Central are essential tools for enforcing data-level security. Whether you’re managing sales, finance, or operations teams, proper use of security filters ensures that users only see what’s relevant to them.
By configuring permission sets and understanding how to control access using the SecurityFiltering property, you can strike the right balance between security and usability.
📢 Let Madhda simplify your security setup — so you can focus on what matters most: running your business.
