While the administrators can maintain the security role assignment for individual users, most of the work of creating the security objects needs to be done by the developer. The following security-related tasks need to be created by the developers:

• The developers should create the appropriate privileges and add entry points to associate the functionality.
• Custom duties and roles should be created for custom functions before they can be assigned to users.
• The security policy nodes should be created by the developers so that they can use the XDS security models in Microsoft Dynamics 365 for Finance and Operations, Enterprise edition.
• You can extend existing roles and duties using the metadata extension model.