Hello community,
I would like to get clarification on giving permissions to a Chat-Bot in an environment.
(1) There are two permission levels: Environment-Permission and BOT-App-Permissions
(2) Each user needs to get permission to the environment first
(3) The permission can be managed by an AZURE security group only.
(4) I need to create a new custom security role
(5) The new Role includes the following permissions: prvReadbot & prvReadbotcomponent
(6) I will add that role to the AZURE security group?
(7) I will add the AZURE security group to the BOT-App
(!) IMPORTANT: What kind of BOT type you are using: WEB or TEAMS
(!) As PowerPlatform Admin, I will use the Default Limits in "Limit Sharing in PowerPlatform"
Sharing rules in Dataverse for Teams environments don't affect sharing to a Teams team when you publish an agent to Teams.
However, when a user attempts to share an agent with individuals or groups in a team other than the one bound to the environment,
the sharing limits are enforced.
AND:
Members of a nested security group in an environment security group aren't pre-provisioned or automatically added to the environment.
However, they can be added into the environment when you create a Dataverse group team for the nested security group.
AND:
The default environment is intended to be shared with all users in the tenant and the developer environment is intended for use
by only the owner of the environment.
So that means the best approach is to create an explicit BOT environment, to check the general Limit Sharing, and not to use nested security groups.
And if you use multiple BOTs in different environments, it is best to use the CoE-Kit for maintenance; otherwise you run into problems.
If you put all BOTs in one environment you can use Power Automate as follows to count the bots for example:
Anything extra I have missed?
Thanks in advance :)
Kind regards
Michael
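
The nested-group rule quoted in the post can be checked before a group is bound to an environment. The following is an added example, not part of the original post: it walks a group's membership and reports the users who are reachable only through nested groups, which by the quoted rule are the ones not pre-provisioned. Group ids, names and users are constructed; the member objects assume the `@odata.type` shape that Microsoft Graph uses when listing group members.

```python
"""Audit an environment security group for nested groups (constructed data)."""

USER = "#microsoft.graph.user"
GROUP = "#microsoft.graph.group"

# Constructed sample: group id -> direct members, shaped like Graph member objects.
SAMPLE_MEMBERS = {
    "sg-bot-env": [
        {"@odata.type": USER, "id": "u1", "userPrincipalName": "anna@contoso.example"},
        {"@odata.type": GROUP, "id": "sg-support", "displayName": "Support"},
    ],
    "sg-support": [
        {"@odata.type": USER, "id": "u1", "userPrincipalName": "anna@contoso.example"},
        {"@odata.type": USER, "id": "u2", "userPrincipalName": "ben@contoso.example"},
        {"@odata.type": GROUP, "id": "sg-bot-env", "displayName": "Bot env"},  # cycle
        {"@odata.type": GROUP, "id": "sg-interns", "displayName": "Interns"},
    ],
    "sg-interns": [
        {"@odata.type": USER, "id": "u3", "userPrincipalName": "cara@contoso.example"},
    ],
}


def audit_environment_group(root_id, members_by_group):
    """Return direct users, nested groups, and users reachable only via nesting."""
    root_members = members_by_group.get(root_id, [])
    direct = {m["userPrincipalName"] for m in root_members if m["@odata.type"] == USER}
    nested_groups, nested_users = [], set()
    seen = {root_id}  # guards against groups that contain each other
    stack = [m["id"] for m in root_members if m["@odata.type"] == GROUP]
    while stack:
        gid = stack.pop()
        if gid in seen:
            continue
        seen.add(gid)
        nested_groups.append(gid)
        for m in members_by_group.get(gid, []):
            if m["@odata.type"] == USER:
                nested_users.add(m["userPrincipalName"])
            elif m["@odata.type"] == GROUP:
                stack.append(m["id"])
    return {
        "direct_users": sorted(direct),
        "nested_groups": sorted(nested_groups),
        "nested_only_users": sorted(nested_users - direct),
    }


if __name__ == "__main__":
    print(audit_environment_group("sg-bot-env", SAMPLE_MEMBERS))
```

A non-empty `nested_groups` list means the group does not follow the "no nested security groups" approach described in the post.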