web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Trigger a flow from se...
Power Automate
Unanswered

Trigger a flow from security roles table added, changed or removed record

(0) ShareShare
ReportReport
Posted on by Gprior 184
Hello everyone,
i'm struggling to retrieve the trigger when a new row in security roles table is added, modified or changed.
 
Do i have to check something specific?
It does not trigger anytime.
Also, is it correct to retrieve the user of the record using this expanded query?
Categories:
General topics
I have the same question (0)
  • stampcoin Profile Picture
    stampcoin 5,058 Super User 2025 Season 2 on at
    @Gprior Hi,
     
    To be honest, power automate is not a good choice to manipulate security roles.
    Anything regards security, should be tracked/approved.
     
    what you could do regarding automation against dataverse, for example combine audit log, with data modified, analyze and reporting, business rules.
    Service principla/app permissions.
     
    Talk to the security team/infrastructure team if you have one, if you are a member of the team, Azure AD is the control center + powershell scripting or third party security product.
  • Gprior Profile Picture
    Gprior 184 on at
    hi @stampcoin! Thank you (again) for the reply!
     
    Context: security roles are actually managed by admin in power platform administrator portal. Once a user has new security roles assigned we manage the visibility to specific sharepoint folders with power automate using a service account specifically authorized to manage people inside the sharepoint groups.
    I don't have to manage security roles, I have to find when a user has a new security role assigned so that we can drive his visibility on a dedicated sharepoint site.
  • Suggested answer
    stampcoin Profile Picture
    stampcoin 5,058 Super User 2025 Season 2 on at
    @Gprior Hi, 
    If you want to get the roles info ( view), you have to consider using schedule  periodic polling the info.
    for example, you create a custom table or share point list which can have the simple structure of the security role table.
    1. List Rows from Security Roles.
    2. Build a JSON Array of Roles.
    3. Get the info from custom table/sharepoint list.
    4. Compare Current Roles to table/list.
    5.  If different, take action.
    6. overwrite your table/list.
    good luck.
  • Gprior Profile Picture
    Gprior 184 on at
    And that's what i have done! i've created a custom table where i save sharepoint group id and busienss units ids of the environment.
     
     
    You are suggesting to check periodically instead of updating on time but it looks to me like a lot of effort to run through every person and update the assignment of the sharepoint groups.
     
    Also consider that i'm using the security roles because i was not able to find a direct link between the user and the modernized business units
     
    I wonder if there's a direct way to retrieve all the BU of the user without using the security roles.
  • stampcoin Profile Picture
    stampcoin 5,058 Super User 2025 Season 2 on at
    @Gprior Hi,
    Your context already has a input variable ( the user), and also timestamp on the table.
    Which means you don't need to compare all records, just use the user GUID.
    Since the BU designed with Security together, I don't see option you can avoid that especially you want instance action.
    If you consider a user application form which is for applying access, it initialize a work flow.
    what will you going to do about it ? The user's UPN or GUID will be initialized during the whole flow, and in the flow you will also consider using Delay.
    Simple steps:
    1. Once submit, approval flow part initialized.
    2. Once approved, initialize variables for example, get user UPN/GUID, etc.
    3. Power admin will use that to take some action,  for example invoke Azure Automation, create a job and use  Runbook ( invoke powershell).
    4. once done, you even don't need to check dataverse security tables. Of course you can, from here you need to use Delay, for example 5 min.
    5. After step 3, you can step in sharepoint setting directly if you more detail , after step 4.
     
    You either use one flow, or split the flow. 

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 522 Super User 2025 Season 2

#2
Tomac Profile Picture

Tomac 364 Moderator

#3
abm abm Profile Picture

abm abm 243 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans