web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Permissions required t...
Power Apps
Unanswered

Permissions required to run a Business Process Flow.

(0) ShareShare
ReportReport
Posted on by mikefeingold 36

Trying to get a definitive answer on what roles/permissions are required to run a Business Process Flow.

 

I have a Business Process Flow called "Change password for portal contact". (It's from the PowerApps portal but this question isn't portal specific).

 

Permissions for this specific BPF can be configured via a security role:

mikefeingold_0-1620815382330.png

 

 

And on the BPF editor, the security roles can be configured:

mikefeingold_1-1620814974500.png

 

I'd like to understand how these 2 are related (if at all).

For a user with "All Users" security role - do they need security role permissions (as screenshot #1) and/or "Enable security roles" permissions (as screenshot #2)?

 

Does a user need any other permissions to run a BPF? I've seen some comment about requiring various Process/ProcessConfiguration/ProcessSession permissions (available on the Customisation tab).

 

Thanks

Mike

 

Categories:
Building Power Apps
I have the same question (0)
  • Bilakanti Profile Picture
    Bilakanti 1,226 on at

    @mikefeingold I don't think any other permission is required. What is the issue?

  • mikefeingold Profile Picture
    mikefeingold 36 on at

    In order for someone to be able to run the BPF, what's the minimum permissions required?

    (Assume the user has correct permissions on the entities that the BPF updates).

    Eg, is it sufficient for them to have only the "Enable Security Roles" permission (screenshot #2) or do they also need permissions from screenshot #1.

    I tried various combinations but couldn't seem to change the behaviour.

     

    Mike

  • Bilakanti Profile Picture
    Bilakanti 1,226 on at

    @mikefeingold 
    1. In screenshot 1 it shows that what kind of operations that user can perform on that BPF which is required.
    2. In screenshot 2 it shows that you are adding the security role with name All users to the BPF, so that it only shows to those users who are part of that security role. 
    Note:  By default BPF will be shown to everyone.

  • mikefeingold Profile Picture
    mikefeingold 36 on at

    @Bilakanti 

    Users should only be able to execute the BPF. Note create/edit/delete it.

    So presumably the BPF should be linked to the security role like screenshot #2

    Do they need any permissions from screenshot #1 (eg, Read) to be able to run the BPF, or can they all be blank?

  • Verified answer
    ChrisPiasecki Profile Picture
    ChrisPiasecki 6,422 Most Valuable Professional on at

    Hi @mikefeingold,

     

    The table for your specific BPF is for storing instances of the process flow. Granting access to that table does not give users permission to modify the business process flow definition. Your users would require the System Customizer or System Administrator role to do that or create/write/delete privileges on the Workflow table, which is where the definitions for cloud flows, Dataverse workflows, and BFPs are stored.

     

    You will need at least create/update/read on your BPF table to start an instance of it and move it from stage to stage. 

     

    Setting the security roles in the BPF designer will dictate which roles will see the BPF. This and the order of BPFs set on a table will determine what BPF instance will be used by default for a particular user when creating a new record. 

     

    ---
    Please click Accept as Solution if my post answered your question. This will help others find solutions to similar questions. If you like my post and/or find it helpful, please consider giving it a Thumbs Up.

     

  • mikefeingold Profile Picture
    mikefeingold 36 on at

    Hi @ChrisPiasecki 

     

    Thanks for your response - that makes sense now. Just to confirm:

     

    For a user to run a BPF then one of their security roles needs to (a) have create/read/write permissions on the BPF as per screenshot #1 and (b) be added to the "enable security roles" of the BPF as per screenshot #2

     

    Mike

  • ChrisPiasecki Profile Picture
    ChrisPiasecki 6,422 Most Valuable Professional on at

    Hi @mikefeingold,

     

    Step #2 is not mandatory. It's similar to setting security roles on forms or dashboards such that everyone that does have access to the table will have that BPF by default and can see that BPF on the record and choose it. 

     

    More info here.

    ---
    Please click Accept as Solution if my post answered your question. This will help others find solutions to similar questions. If you like my post and/or find it helpful, please consider giving it a Thumbs Up.

  • mikefeingold Profile Picture
    mikefeingold 36 on at

    Understood - thank for explaining this

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 717 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 329 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans