web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Cannot use Set-AdminFl...
Power Apps
Answered

Cannot use Set-AdminFlowOwnerRole

(0) ShareShare
ReportReport
Posted on by aboodhamwi 79

Hi,

 

My user has global admin role, but once I'm trying to execute  Set-AdminFlowOwnerRole I'm getting the error

Code : Forbidden
Description : Forbidden
Error :
Errors :
Internal : System.Net.HttpWebResponse

any ideas

Categories:
Governance & administering
I have the same question (0)
  • v-monli-msft Profile Picture
    v-monli-msft on at

    Hi @aboodhamwi ,

     

    Check if this helps:

    https://www.powershellgallery.com/packages/Microsoft.PowerApps.Administration.PowerShell/2.0.1/Content/Microsoft.PowerApps.Administration.PowerShell.psm1

     

    function Set-AdminFlowOwnerRole
    {
    <#
    .SYNOPSIS
    sets owner permissions to the flow.
    .DESCRIPTION
    The Set-AdminFlowOwnerRole set up permission to flow depending on parameters.
    Use Get-Help Set-AdminFlowOwnerRole -Examples for more detail.
    .PARAMETER EnvironmentName
    Limit app returned to those in a specified environment.
    .PARAMETER FlowName
    Specifies the flow id.
    .PARAMETER RoleName
    Specifies the access level for the user on the flow; CanView or CanEdit
    .PARAMETER PrincipalType
    Specifies the type of principal that is being added as an owner; User or Group (security group)
    .PARAMETER PrincipalObjectId
    Specifies the principal object Id of the user or security group.
    .EXAMPLE
    Set-AdminFlowOwnerRole -PrincipalType Group -PrincipalObjectId b049bf12-d56d-4b50-8176-c6560cbd35aa -RoleName CanEdit -FlowName 1ec3c80c-c2c0-4ea6-97a8-31d8c8c3d488 -EnvironmentName Default-55abc7e5-2812-4d73-9d2f-8d9017f8c877
    Add the specified security group as an owner fo the flow with name 1ec3c80c-c2c0-4ea6-97a8-31d8c8c3d488
    #>
    [CmdletBinding(DefaultParameterSetName="User")]
    param
    (
    [Parameter(Mandatory = $true, ParameterSetName = "User", ValueFromPipelineByPropertyName = $true)]
    [string]$FlowName,

    [Parameter(Mandatory = $true, ParameterSetName = "User", ValueFromPipelineByPropertyName = $true)]
    [string]$EnvironmentName,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [ValidateSet("User", "Group")]
    [string]$PrincipalType,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [ValidateSet("CanView", "CanEdit")]
    [string]$RoleName,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [string]$PrincipalObjectId = $null,

    [Parameter(Mandatory = $false, ParameterSetName = "User")]
    [string]$ApiVersion = "2016-11-01"
    )

    process
    {
    $userOrGroup = Get-UsersOrGroupsFromGraph -ObjectId $PrincipalObjectId
    $PrincipalDisplayName = $userOrGroup.DisplayName
    $PrincipalEmail = $userOrGroup.Mail

    $route = "https://{flowEndpoint}/providers/Microsoft.ProcessSimple/scopes/admin/environments/{environment}/flows/{flowName}/modifyPermissions?api-version={apiVersion}" `
    | ReplaceMacro -Macro "{flowName}" -Value $FlowName `
    | ReplaceMacro -Macro "{environment}" -Value (ResolveEnvironment -OverrideId $EnvironmentName);

    #Construct the body
    $requestbody = $null

    $requestbody = @{
    put = @(
    @{
    properties = @{
    principal = @{
    email = $PrincipalEmail
    id = $PrincipalObjectId
    type = $PrincipalType
    displayName = $PrincipalDisplayName
    }
    roleName = $RoleName
    }
    }
    )
    }

    $result = InvokeApi -Method POST -Route $route -Body $requestbody -ApiVersion $ApiVersion

    CreateHttpResponse($result)
    }
    }

     

    Regards,

    Mona

     

  • Verified answer
    aboodhamwi Profile Picture
    aboodhamwi 79 on at

    The issue was, that flow is a solution aware flow, and you cannot change the owner of it

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 739 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 343 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans