Non-interactive Access Mode

Why would you want to set Access Mode for user to Non-interactive? 

Setting the Non-interactive access mode fro a user will prevent him from accessing Dynamics 365 application UI in any official Dynamics 365 client: Web, Outlook and mobile. While human users need an GUI to actually do some work, external applications interacting with Dynamics 365 do not. Note that security mechanism such as Security Roles, Field Level Security etc. apply to users with Non-interactive access mode just as Read-Write users.

Assigning the Non-interactive access mode to applicative users used for interaction with external applications is a good security best practice as long as you assign the most restrictive Security Roles rather than System Administrator. This way, if this user’s credentials are breached, a potential attacker can access via API only, limited to the data scope and operations dictated by the Security Roles to begin with. 

If you do use the Non-interactive access mode for applicative user, consider the password renewal policy for this user, as there is not human on the the other side to actually change the password. This means that dependent integration points may fail due to expired password.

For more details about setting up a Non-interactive user follow this article.

image

Advertisements