cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
martinlaukkanen
Advocate I
Advocate I

Users cannot see Business Process Flow stages with custom security role

Hi,

 

I have created a custom business process flow for an entity and also custom security roles assigned to my users, the users can start a process but not see all the stages (or go forward in the process).

 

E.g.

martinlaukkanen_0-1607681402657.png

My Admin user will see the complete process:

martinlaukkanen_1-1607681446126.png

 

I have configured the Security role with permissions to the BPF:

martinlaukkanen_3-1607681572955.png

 

As well as confirmed that the users have permissions to the entity. Also I have tried setting permissions on the "Customization" tab for "Process, Process Configuration and Process Session" but nothing helps.

 

What's telling is that the users cannot see the raw data via OData, e.g.

/api/data/v9.0/processstages

Returns nothing for users but for my users I see everything.

 

What have I missed?

 

Thanks,

Martin

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
martinlaukkanen
Advocate I
Advocate I

Thanks for the suggestions, I did check to make sure that all teams had the CDS User default role, but that didn't fix it.

 

In the end it was the permissions under "customization", the role needed process and process session permission greater than user, so the below worked. (Earlier I had only read / user owned)

martinlaukkanen_0-1607951924698.png

 

Cheers,

View solution in original post

2 REPLIES 2
HSheild
Super User
Super User

Hi @martinlaukkanen 

 

Troubleshooting custom security roles can be very tedious.  I always find it best to start with an OOTB security role like Common Data Service User, copy it and then add permission on top of it, in order to create a custom role.  The reason for this is that the OOTB security roles usually have all the minimum requirements for running standard things like Business Process Flows.  I find it is usually easier to start with a OOTB security role, see if it works and then remove the permission that it shouldn't have rather than trying to add permissions to an empty role.

martinlaukkanen
Advocate I
Advocate I

Thanks for the suggestions, I did check to make sure that all teams had the CDS User default role, but that didn't fix it.

 

In the end it was the permissions under "customization", the role needed process and process session permission greater than user, so the below worked. (Earlier I had only read / user owned)

martinlaukkanen_0-1607951924698.png

 

Cheers,

View solution in original post

Helpful resources

Announcements
PA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

Power Query PA Forum 768x460.png

Check it out!

Did you know that you can visit the Power Query Forum in Power BI and now Power Apps

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

PowerPlatform 768x460.png

Microsoft Learn

Check out our new Discover Your Career Path blog post series and get all the details.

Users online (1,309)