Query Service Security [AX 2012]

Updated: September 28, 2011

Applies To: Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012

There are two types of security to consider when you work with the Microsoft Dynamics AX query service:

  • Access security – who can access the query service

  • Data security – what data can a user access by using the query service

Only authenticated Microsoft Dynamics AX users can access the query service. In order to retrieve data by using the query service, you must have a valid username in Microsoft Dynamics AX. The query service uses Windows integrated security. Therefore, when a caller invokes the query service, the system verifies the credentials under which the calling client is running and verifies that the username is a valid Microsoft Dynamics AX user.

The query service is always available and any authenticated Microsoft Dynamics AX user can access the service.

The data that a calling user can access by using the query service depends on what roles the user is a member of. The query service respects any record-level or field-level security that is implemented for the calling user.

The user’s security access determines the query behavior or the data that is returned for a user as shown in the following table.

Security Condition

Result

User does not have access to one or more tables accessed by a query data source.

The query will fail with an error that indicates that access is denied.

User does not have access to a field returned by a query data source.

The field is returned in the dataset but the field value is DbNull.

For more information about data that the AOS withholds from the current user, see Finding All Fields the AOS can Trim.

User does not have access to a field that is used in a query data source relation (join), order by, group by, data source range, or query filter.

The query will fail with an error that indicates that access is denied.

Community Additions

ADD
Show: