Notifications
Announcements
I have created a PVA chat bot. In that we are calling an action and action is referring an order entity. In that entity sales user is not having access to all the order records but when sales user is trying to access the records through PVA then sales user can see other records also which is not assigned or shared with sales user.
How we can restrict the access to sales user so that they cant see the other's record while chatting in PVA?
Hi @vpathak,
One approach could be to impersonate the user in your request.
You could use the Microsoft Dataverse Web API with an HTTP request action and use the CallerObjectID with the Azure Active Directory (AAD) object id of the user interacting with the PVA chat bot.
Here is an example in the Microsoft Docs about user impersonation:
Impersonate another user using the Web API (Microsoft Dataverse) - Power Apps | Microsoft Docs
Below is a screenshot of such a query in Power Automate.
Thanks for your reply.
Could you please let us know how I can pass callerobjectid for different such user who has record based access to entity..
1. Make sure you enable authentication for your Power Virtual Agent.
2. Create a flow with a When Power Virtual Agents calls a flow trigger action. Add a text UserID input field to that action.
3. Use a HTTP action like I showed in my earlier post. Use the UserID field for the CallerObjectId in the Header section.
4. In your Topic setup make sure you map the Bot.UserId to the flow with the UserId field
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Valantis 325
Romain The Low-Code... 176 Super User 2025 Season 2
chiaraalina 119
