web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro - Series II
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Cannot use Set-AdminFl...
Power Apps
Answered

Cannot use Set-AdminFlowOwnerRole

(0) ShareShare
ReportReport
Posted on by aboodhamwi 79

Hi,

 

My user has global admin role, but once I'm trying to execute  Set-AdminFlowOwnerRole I'm getting the error

Code : Forbidden
Description : Forbidden
Error :
Errors :
Internal : System.Net.HttpWebResponse

any ideas

Categories:
Governance & administering
I have the same question (0)
  • v-monli-msft Profile Picture
    v-monli-msft Microsoft Employee on at

    Hi @aboodhamwi ,

     

    Check if this helps:

    https://www.powershellgallery.com/packages/Microsoft.PowerApps.Administration.PowerShell/2.0.1/Content/Microsoft.PowerApps.Administration.PowerShell.psm1

     

    function Set-AdminFlowOwnerRole
    {
    <#
    .SYNOPSIS
    sets owner permissions to the flow.
    .DESCRIPTION
    The Set-AdminFlowOwnerRole set up permission to flow depending on parameters.
    Use Get-Help Set-AdminFlowOwnerRole -Examples for more detail.
    .PARAMETER EnvironmentName
    Limit app returned to those in a specified environment.
    .PARAMETER FlowName
    Specifies the flow id.
    .PARAMETER RoleName
    Specifies the access level for the user on the flow; CanView or CanEdit
    .PARAMETER PrincipalType
    Specifies the type of principal that is being added as an owner; User or Group (security group)
    .PARAMETER PrincipalObjectId
    Specifies the principal object Id of the user or security group.
    .EXAMPLE
    Set-AdminFlowOwnerRole -PrincipalType Group -PrincipalObjectId b049bf12-d56d-4b50-8176-c6560cbd35aa -RoleName CanEdit -FlowName 1ec3c80c-c2c0-4ea6-97a8-31d8c8c3d488 -EnvironmentName Default-55abc7e5-2812-4d73-9d2f-8d9017f8c877
    Add the specified security group as an owner fo the flow with name 1ec3c80c-c2c0-4ea6-97a8-31d8c8c3d488
    #>
    [CmdletBinding(DefaultParameterSetName="User")]
    param
    (
    [Parameter(Mandatory = $true, ParameterSetName = "User", ValueFromPipelineByPropertyName = $true)]
    [string]$FlowName,

    [Parameter(Mandatory = $true, ParameterSetName = "User", ValueFromPipelineByPropertyName = $true)]
    [string]$EnvironmentName,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [ValidateSet("User", "Group")]
    [string]$PrincipalType,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [ValidateSet("CanView", "CanEdit")]
    [string]$RoleName,

    [Parameter(Mandatory = $true, ParameterSetName = "User")]
    [string]$PrincipalObjectId = $null,

    [Parameter(Mandatory = $false, ParameterSetName = "User")]
    [string]$ApiVersion = "2016-11-01"
    )

    process
    {
    $userOrGroup = Get-UsersOrGroupsFromGraph -ObjectId $PrincipalObjectId
    $PrincipalDisplayName = $userOrGroup.DisplayName
    $PrincipalEmail = $userOrGroup.Mail

    $route = "https://{flowEndpoint}/providers/Microsoft.ProcessSimple/scopes/admin/environments/{environment}/flows/{flowName}/modifyPermissions?api-version={apiVersion}" `
    | ReplaceMacro -Macro "{flowName}" -Value $FlowName `
    | ReplaceMacro -Macro "{environment}" -Value (ResolveEnvironment -OverrideId $EnvironmentName);

    #Construct the body
    $requestbody = $null

    $requestbody = @{
    put = @(
    @{
    properties = @{
    principal = @{
    email = $PrincipalEmail
    id = $PrincipalObjectId
    type = $PrincipalType
    displayName = $PrincipalDisplayName
    }
    roleName = $RoleName
    }
    }
    )
    }

    $result = InvokeApi -Method POST -Route $route -Body $requestbody -ApiVersion $ApiVersion

    CreateHttpResponse($result)
    }
    }

     

    Regards,

    Mona

     

  • Verified answer
    aboodhamwi Profile Picture
    aboodhamwi 79 on at

    The issue was, that flow is a solution aware flow, and you cannot change the owner of it

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro - Series II

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Kudos to our 2025 Community Spotlight Honorees

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
Valantis Profile Picture

Valantis 483

#2
WarrenBelz Profile Picture

WarrenBelz 399 Most Valuable Professional

#3
11manish Profile Picture

11manish 327

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans