cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
DmitryRogozhny
New Member

Flow is not available for an AD group with run-only permissions

Hi,

 

Here's the scenario I'm trying to figure out:

1. I've got a Flow that can be started for a SharePoint item (with the 'For a selected Item' trigger).

2. When a user is granted with run-only permissions directly in Flow, they can see and run this Flow.

3. When an AD group is granted with run-only permissions and a user is a member of the group, the Flow is not available for the user.

 

- I've tried this scenario with several users and AD groups with the same result;

- I've tried it with several Flows with the same result;

- the user has got Edit permissions for a list.

 

This article https://flow.microsoft.com/en-us/blog/introducing-flow-launch-panel-in-sharepoint-lists-and-librarie... mentions that users and AD groups are supported ("...you can enter individuals or AD security groups...").

 

Thanks,

Dmitry Rogozhny.

1 ACCEPTED SOLUTION

Accepted Solutions
v-alzhan-msft
Community Support
Community Support

Hi @DmitryRogozhny ,

 

I afraid that the AD group has priority over the individual, so if the AD group is granted with run-only permissions and a user is a member of the group, the Flow is not available for the user.

 

Best regards,

Alice       

 

Community Support Team _ Alice Zhang
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

2 REPLIES 2
v-alzhan-msft
Community Support
Community Support

Hi @DmitryRogozhny ,

 

I afraid that the AD group has priority over the individual, so if the AD group is granted with run-only permissions and a user is a member of the group, the Flow is not available for the user.

 

Best regards,

Alice       

 

Community Support Team _ Alice Zhang
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Hi @v-alzhan-msft,

 

Thank you for your reply.

I think I wasn't clear enough, describing my problem. Let me try to clarify. 

 

The problem is that assigning AD group with run-only permissions does not work for me. Users from the group cannot run the flow.

 

So my question here is: should AD group work, when assigned with run-only permissions for a flow? Do I miss something? As it does not work for me.

 

The rest is just details about my experiments, when I was trying to work out the problem: e.g. that flow works fine, when I assign a user directly; or that I've tryied that with several groups and flows with the same result.

Helpful resources

Announcements
MPA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

New Process Advisor Capabilities carousel.png

Read the blog for the latest news

Read the latest about new experiences and capabilities in the Power Automate product blog.

PA Survey Carousel Image.png

We want to hear from you!

If you are a small business ISV/Reseller, share your thoughts with our research team.

AI Builder AMA June 7th carousel (up on May 25th, take down June 8th) (1).png

'Ask Microsoft Anything' about AI Builder!

The AI Builder team invite you to ask questions and provide helpful answers at our next AMA.

Top Solution Authors
Users online (1,750)