Security was top of mind with Microsoft Dynamics GP 2016’s OData feature

Microsoft Dynamics GP 2016 introduced OData as a new way of accessing information in GP via the internet.  As it is implemented in GP, OData is a resource-based web protocol for querying data. It makes accessing GP data remotely for analysis in products like Tableau or Power BI easier than ever before. This secure connection has been a missing piece of the puzzle in a lot of use cases.

But companies are always worried about the security of their data so I dug into OData security to really understand it. First, the OData connection has to be created and secured with an SSL certificate as part of the setup so there's a solid security base at the core. Second, data has to be both selected and published to be available. For example, if a user selects to make payroll data available, but it isn't published, no one can access that data, even with appropriate permission.

Finally, even after data is published, the user has to have appropriate role access to a specific set of data to make that available to something like Power BI. In this first release, OData information roughly correlates to the same data sets that were already available in Smartlists and refreshable Excel Reports. It's that same information now accessible outside the firewall. The OData process is both easier and more secure than trying to lock down externally facing Excel data while still allowing data access.

To help make all of this happen, GP 2016 comes with a new set of roles and tasks. These are designed to provided user level access to specific information. Security is managed via Active Directory users, ...