Hide Sharepoint list items by user permission

I have a SharePoint list that gets refreshed from Epicor everyday (via REST and a flow, etc.). It’s our production schedule.

Internally, anyone can see the whole list, and that’s fine.

Now we want to make it visible to external users, BUT our customers should not be able to see everything that other customers have on order.

Any thoughts on how to do this?

I feel like this is something many of you have tackled in some way - and maybe I am approaching the concept all wrong. I’m open to any way of reinventing the idea.

But I mean the basic idea is that I’d like this to be easily maintainable (if we add a customer, for example) and yet secure (protecting sensitive information). And also ideally if it was fool-proof enough that I could train someone else to do it one day.

Any advice is appreciated.

Thought I’d bump this one last time. @Mark_Wonsil - you’re the Flow aficionado.

I’d guess that you’d need to make a list for each customer, and set the access control accordingly.

That is so not the answer I wanted.

But I am pretty sure you are right.

Sorry Jason, a couple of thoughts:

One, you can use row-level security in lists or in folders within lists,
2 ways to manage row-level security in a SharePoint list - SharePoint Maven

Two, don’t use a SharePoint list and consider using Microsoft’s Dataverse (Formerly the Common Data Service), which also has row-level security but opens up the data for further tools. This might have some upload record limits…

Design - Securing the app and data - Power Apps | Microsoft Docs


IF you’re full-on M365, you can create a Team for each customer you want in your portal. Each team automatically gets a Document Library, Chat, etc and you can add your custom list there. The security is done by default.

And remember that Teams is part of the Microsoft Graph, so the entire process could be automated.

Thank you for the thoughts @Mark_Wonsil - no apologies needed. That’s awesome that MS has a guide to secure design. I’ll be reading that a few dozen times. And the Dataverse thing - I’ll have to do some more homework. But these are avenues I would not have thought of. Perfect.