cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
martinlaukkanen
Advocate I
Advocate I

Users cannot see Business Process Flow stages with custom security role

Hi,

 

I have created a custom business process flow for an entity and also custom security roles assigned to my users, the users can start a process but not see all the stages (or go forward in the process).

 

E.g.

martinlaukkanen_0-1607681402657.png

My Admin user will see the complete process:

martinlaukkanen_1-1607681446126.png

 

I have configured the Security role with permissions to the BPF:

martinlaukkanen_3-1607681572955.png

 

As well as confirmed that the users have permissions to the entity. Also I have tried setting permissions on the "Customization" tab for "Process, Process Configuration and Process Session" but nothing helps.

 

What's telling is that the users cannot see the raw data via OData, e.g.

/api/data/v9.0/processstages

Returns nothing for users but for my users I see everything.

 

What have I missed?

 

Thanks,

Martin

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
martinlaukkanen
Advocate I
Advocate I

Thanks for the suggestions, I did check to make sure that all teams had the CDS User default role, but that didn't fix it.

 

In the end it was the permissions under "customization", the role needed process and process session permission greater than user, so the below worked. (Earlier I had only read / user owned)

martinlaukkanen_0-1607951924698.png

 

Cheers,

View solution in original post

2 REPLIES 2
HSheild
Super User
Super User

Hi @martinlaukkanen 

 

Troubleshooting custom security roles can be very tedious.  I always find it best to start with an OOTB security role like Common Data Service User, copy it and then add permission on top of it, in order to create a custom role.  The reason for this is that the OOTB security roles usually have all the minimum requirements for running standard things like Business Process Flows.  I find it is usually easier to start with a OOTB security role, see if it works and then remove the permission that it shouldn't have rather than trying to add permissions to an empty role.

martinlaukkanen
Advocate I
Advocate I

Thanks for the suggestions, I did check to make sure that all teams had the CDS User default role, but that didn't fix it.

 

In the end it was the permissions under "customization", the role needed process and process session permission greater than user, so the below worked. (Earlier I had only read / user owned)

martinlaukkanen_0-1607951924698.png

 

Cheers,

View solution in original post

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

M365 768x460.jpg

Microsoft 365 Collaboration Conference | December 7–9, 2021

Join us, in-person, December 7–9 in Las Vegas, for the largest gathering of the Microsoft community in the world.

Users online (1,332)