Work 365 Security Roles are additive roles based on existing Dynamics CRM roles. They are not standalone Work 365 roles.
Pre-requisites
- In order to assign Work 365 roles, an individual must already have the necessary CRM role.
- Only CRM System Admins can assign security roles.
Here is the recommended role mapping
- Work 365 Sales ➤ Sales Person
- Can create Billing Contracts, subscriptions
- Provision Customer Accounts in the Partner Center
- Update Changes to License Change Logs on subscriptions (cannot create license changelogs)
- Can only read templates, and can read their own incentives plans
- Cannot charge customer Credit Cards, or create Payment Profiles
- Can generate invoices
- Work 365 Customer Service ➤ Customer Service Representative
- Can sync subscriptions
- Provision Accounts in Partner Center
- Update Changes to License Change Logs on subscriptions (cannot create license changelogs)
- Cannot charge customer Credit Cards, or create Payment Profiles
- Work 365 Admin ➤ Sales Manager + CSR Manager (finance and admin)
- Can modify Work 365 Configuration Settings
- Cannot Set up a new Work 365 provider (only a System Admin can do that)
- Work 365 Service ➤ Consent Account between Partners and Work 365
- Have the same rights as the Work 365 Admin account