Skip to main content

Notifications

Power Pages - Power Apps Portals
Answered

Anonymous Users not granted Entity Permissions

Posted on by 6

According to Microsoft Docs:

"The Anonymous Users Role is intended to be used with Entity Permissions. It will not respect any other rules or permissions. By enabling the "Anonymous Users Role" it will become the default web role for all users." - https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/create-web-roles

 

I configured Site Settings to enable WebAPI on the Contact entity, and on the firstname and lastname fields. I also configured an Entity Permission to allow update of the Contact entity, and assigned the EP to the default 'Anonymous Users' role (Anonymous Users Role field = Yes). I am making a WebAPI call on my portal to set the Firstname and Lastname fields of the current Contact when they first land on the Profile page after registering. The call fails returning a 403 (Forbidden) error:

 

error: {code: "90040102", message: "You don’t have permission to update contact entity."}

 

If I go into D365, and assign the Contact the 'Anonymous Users' Role, then the WebAPI call is successful and the firstname and lastname fields are updated. Considering that it works when the Contact is assigned the 'Anonymous Users' web role, it makes me think I have configured the Entity Permissions correctly and that the Contact after registration isn't gaining the Anonymous Users role.

Does anyone have any idea why the Contact after registration doesn't have the 'Anonymous Users' role applied? Thanks.

  • adamgatt Profile Picture
    adamgatt 6 on at
    Re: Anonymous Users not granted Entity Permissions

    Thank you both for your replies! Appreciate the help!

    OOlasyn's response was correct. I applied the EP to the 'Authenticated User's role and it now works. I thought that the user would not be considered an 'Authenticated User' until they had verified their account via the email link. An oversight on my part.

  • Verified answer
    OOlashyn Profile Picture
    OOlashyn 3,498 on at
    Re: Anonymous Users not granted Entity Permissions

    Hi @adamgatt ,

    Did I understand you correctly that you are using web API after a user is registered on the portal? If yes that means that the user is already authenticated and anonymous web role is not applicable anymore.

  • oliver.rodrigues Profile Picture
    oliver.rodrigues 8,830 on at
    Re: Anonymous Users not granted Entity Permissions

    Have you tried with different entities just as a test?

    I am wondering here if this is a security behavior because of the Contact entity is a special one. But in my opinion it looks like you have configured everything correctly and that should work with no issues.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

October 2024 Newsletter…

October 2024 Community Newsletter…

Community Update Oct 28…

Power Platform Community Update…

Tuesday Tip #4 How to Conntact Support…

Welcome to a brand new series, Tuesday Tips…

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 142,473

#2
RandyHayes Profile Picture

RandyHayes 76,308

#3
Pstork1 Profile Picture

Pstork1 63,659

Leaderboard