Often as consultants or administrators, we forget that we have higher levels of access than other users. The same can be said for users who have been given one of the out of the box security roles for Marketing. We just assume others can see the same things we can. There are two areas specifically where a marketer can review marketing interactions on the timeline for a Lead and Contact, and also gain access to the Insights on these records to see what kind of marketing activities have been generated for the audience member. Unfortunately, someone using a different app might not be able to see this level of detail. Let’s look at how you can create a new custom security role to provide the security permissions required.

First, make sure any of your custom forms include the Insights tab. If they don’t, check out this post from my good friend Amey Holden where she provides information on how to add it. This is what the Insights tab on a Contact or Lead looks like for a user with the right level of access.

Click to view in detail

Sad for those without the right permissions, because they see errors all over the place!

Click to view in detail

If you have custom forms and the timeline isn’t showing the marketing interactions even for a marketing user, check out this post on how to add the interactions to those forms. For a user with access to marketing interactions, the timeline will look something like this, showing information on emails, text messages, push notifications, web activity, forms and events.

Click to view in detail

A less informative timeline is displayed for users without the right level of access. Not fun!

Click to view in detail

From a page on Microsoft’s documentation site, they detail the types of activities that will be displayed for a Lead and/or Contact: Customer interactions timeline. They have also listed the specific tables that a user must have read permissions for in order to see them on the timeline. They have provided the database name for each table, so I have provided the table name you would see when editing a security role.

  • msdyncrm_marketingemail – Marketing email
  • msevtmgt_event – Event
  • msdyncrm_marketingform – Marketing form
  • msdyncrm_website – Marketing website
  • msdynmkt_email – Email
  • msdynmkt_pushnotification – Push notification
  • msdynmkt_sms – Text message

In addition, you also need to add in the new Real-time Marketing forms, which will be this:

  • msdynmkt_marketingform – Form

To make sure other users get the right access, you can either edit an existing security role you know your sales and/or customer service users have, or create a new one that you can assign to individual users or a team. Although you can edit it in the ‘classic’ way, I have found it easier to do it using the new functionality in the Power Platform Admin Center instead. It means you can find things by table name rather than the label of the table (which people can change). By all means create your security role in a solution, but then go to https://admin.powerplatform.microsoft.com, find the environment, then go to settings and then security roles. Click on the name of the security role you wish to edit.

Click to view in detail

From here, we can use the search box to look for the correct tables to find them in the list. Then change the Read permission from None to something different. It’s down to your companies structure if you do Organisation, Business Unit or Parent Child Business Unit. For mine, there is one business unit only, so these are being set to Organisation on the Read permission. Go through each table and change the Read permission.

Click to view in detail

The last table to look for is msdyncrm_customerinsightsinfo. It’s this table that gives access to the Insights tab. Again, change only the Read permissions and set as the level of access relevant and acceptable to your organisation. Save your security role, then assign it to the users and/or teams that require the ability to see the marketing insights table and marketing interaction activities on the timeline.

Click to view in detail

Although these are not required to allow users to see the timeline activities or insights, consider adding these other tables with Read access so that sales users can also review additional marketing related information:

  • msdynmkt_contactpointconsent4 – Contact Point Consent records
  • msdyncrm_customerjourneycustomchannelactivity – Custom Channel activities
  • msevtmgt_eventregistration – individual Event Registations
  • msdynmkt_marketingformsubmission – Realtime Marketing Form Submissions
  • msdyncrm_marketingformsubmission – Outbound Marketing Form Submissions

Check out the latest post:
Predefined Placeholder Access In Customer Insights - Journeys

D365 Marketing Weekly
Have you seen the D365 Marketing Weekly newsletter yet?
A weekly issue covering features, functionality and news on the topic of Marketing, specifically covering Dynamics 365 Marketing and other interesting tools and tips for anyone interested in the subject.
Subscribe Here
This is just 1 of 456 articles. You can browse through all of them by going to the main blog page, or navigate through different categories to find more content you are interested in. You can also subscribe and get new blog posts emailed to you directly.

3 thoughts on “Sales Access To Marketing Insights And Timeline Interactions

  1. Hi Megan,

    Happy New Year 🥳!

    I have added the marketing activities to a custom contacts timeline in a custom app (using https://learn.microsoft.com/en-gb/dynamics365/customer-insights/journeys/timeline?WT.mc_id=DX-MVP-5003395).

    Is it possible to include the marketing activities on the contacts timeline WITHOUT the links to the forms/emails/text messages/etc?

    The reason for this is that there are some users who need to see the marketing activities on the timeline but they are not allowed to have access to Customer Insights.

    Currently when they click the link to a CIJ form/email a new tab opens with the following message:
    “We can’t open this app
    The app URL wasn’t found or you need permissions to open it. Please check the URL and try again, or contact your system administrator.”

    This isn’t a great user experience, it would be great if the links could be turned off. Although that would mean that actual Customer Insights users would not see the links either. 🤔

    Maybe it is best to just give the non Customer Insights Users Read-only access to the CIJ tables.

    I hope my ramblings make sense.


    1. Hi Seán,

      Happy New Year to you also! Your question makes sense, but there is no way for you to edit or control how those activities look within the timeline. So it’s either turn them on, but know that the users clicking on the link will not have access to the App and get an error, leave it turned off and then they can’t see them, or give them access to see them and also access to the App (not what I would suggest) so they don’t get the error.

      Sorry, no other options really!


Leave a Reply

Your email address will not be published. Required fields are marked *