Notifications
Announcements
It is now possible for tenant admins to "license" specific users as bot authors at the tenant level. Is there any way to constrain which bots individual users can edit ? Ideally, I would like to see a mechanism tied to D365 security roles.
Thank you Nicholas for the inquiry.
Power Virtual Agent license allows global admin to assign specific users to be allowed to use Power Virtual Agents in your tenant.
System administrators for each environment can limit who can create bots in the given environment. You can manage so by following the steps below:
1. Create a new environment that you want users to create bots in (make sure CDS is created)
2. Launch Power Virtual Agents and create a bot in the environment
3. Go to Dynamics admin portal to assign security roles
4. Assign 'bot author' role to users that you allow creating bot in the environment
So, if I understand you correctly, if a person has a bot author security role assigned they could edit ANY bot throughout the entire Environment. That is no where near enough granularity of control. Particularly with Dual Write now GA one CDS Environment can link to many legal entities - but in for example customer service the scope of the role is constrained by the concept of business units which will align to the legal entity. The authoring of PVA's NEEDS the Business Unit concept so that the ability to edit a bot is enabled by the security role BUT is then constrained in scope in the usual way by the Business Unit. I have raised the same issue in relation to Omni Channel, which is also not at present business unit aware. Both PVA and Omni Channel MUST have business unit awareness. This is rendered essential by the fact that you will now have one organisation wide CDS but linked to many legal entities existing in Dynamics F&O through Dual Write. (and I believe also Business Central soon) You simply cannot have a situation where employees of legal entity X (who has no business role requiring them to work on legal entity Y's bot) are able to edit the bot of legal entity Y. It is absolutly essential that this granularity of control be available in the same way they it is in D365 sales, Customer Service, Marketing etc. If I have misunderstood then please advise.
Hi Nicholas,
PVA today does not support multiple user to access the same bot in the application other than the creator. There is currently no capability to share a bot with another user. Regarding the record itself, you can check the 'Bot Author' role defined in Dynamics Admin Portal of only providing user (self) depth. This means that the record will only be accessible by the owner or users that he or she shares with.
When PVA supports the ability to share bots with other users, it will take into account of the CDS security to ensure the record access is protected by the security permission model and configuration. Hope this clears things up!
Ok - that makes sense. As long as the PVA authoring tools will respect the CDS security model at the point when it becomes possible for multiple people to work on an existing bot that is fine. I hadn't appreciated that the point was irrelevant at the moment because you can only create / maintain your own bot not bots created / maintained by other people.
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Michael E. Gernaey 265 Super User 2025 Season 2
Romain The Low-Code... 240 Super User 2025 Season 2
S-Venkadesh 101 Moderator
