How to control which procurement categories a user can see when creating a Purchase Requisition
- 1 minute ago
- 2 min read
Tip of the Day: In Dynamics 365 Finance & Operations, you can control which procurement categories a user (worker) can see by doing the following setup.
Setup:
1. Ensure employees are tied to an organization
Employees must be linked to a position
The position must be linked to a department / business unit
The department must exist in an organization hierarchy with purpose Procurement internal control
(Without this, the policy can’t be evaluated correctly).
2. Create or update a Purchasing Policy
Navigate to:
Procurement and sourcing > Setup > Policies > Purchasing policies
Open an active purchasing policy
Assign it to:
A legal entity, or
An organizational hierarchy (recommended if you want different rules per department)
3. Add a Category access policy rule
Policy rule type: Category access policy rule
Select the allowed procurement categories
Optionally:
✅ Include subcategories
✅ Apply parent rule inheritance
Only the selected categories will be visible to employees covered by this policy.
4. Add a Category policy rule (Optional)
If you want to enforce behavior within those categories (for example, vendor restrictions), add:
Category policy rule
Use the same categories as the access rule
How this applies to a specific employee
If you need to restrict one employee:
Put that employee in:
A dedicated department, or
A position tied to a specific department
Apply a purchasing policy to that department
Define category access rules for that policy
This is the intended design—policies apply by organization, not by user ID.
Note: Microsoft purchasing control is policy-driven, not security-driven.
✅ Best-practice patterns
Requirement | Best approach |
Restrict by department | Purchasing policy + org hierarchy |
Restrict a single person | Dedicated department or position |
Enforce approved buying | Combine with Catalog policy rule |
Prevent free-text buying | Catalog + category access rules |
Summary
Use Purchasing policies
Add a Category access policy rule
Scope the policy via organizational hierarchy
Employees only see and buy from allowed categories
This is 100% standard D365FO functionality