cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
New Member

Anonymous Users not granted Entity Permissions

According to Microsoft Docs:

"The Anonymous Users Role is intended to be used with Entity Permissions. It will not respect any other rules or permissions. By enabling the "Anonymous Users Role" it will become the default web role for all users." - https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/create-web-roles

 

I configured Site Settings to enable WebAPI on the Contact entity, and on the firstname and lastname fields. I also configured an Entity Permission to allow update of the Contact entity, and assigned the EP to the default 'Anonymous Users' role (Anonymous Users Role field = Yes). I am making a WebAPI call on my portal to set the Firstname and Lastname fields of the current Contact when they first land on the Profile page after registering. The call fails returning a 403 (Forbidden) error:

 

error: {code: "90040102", message: "You don’t have permission to update contact entity."}

 

If I go into D365, and assign the Contact the 'Anonymous Users' Role, then the WebAPI call is successful and the firstname and lastname fields are updated. Considering that it works when the Contact is assigned the 'Anonymous Users' web role, it makes me think I have configured the Entity Permissions correctly and that the Contact after registration isn't gaining the Anonymous Users role.

Does anyone have any idea why the Contact after registration doesn't have the 'Anonymous Users' role applied? Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Super User
Super User

Hi @adamgatt ,

Did I understand you correctly that you are using web API after a user is registered on the portal? If yes that means that the user is already authenticated and anonymous web role is not applicable anymore.

----------------------------------------------------
If you find this post helpful consider marking it as a solution to help others find it.

View solution in original post

3 REPLIES 3
Super User II
Super User II

Have you tried with different entities just as a test?

I am wondering here if this is a security behavior because of the Contact entity is a special one. But in my opinion it looks like you have configured everything correctly and that should work with no issues.




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Apps Portals Super User


Oliver Rodrigues


 

Super User
Super User

Hi @adamgatt ,

Did I understand you correctly that you are using web API after a user is registered on the portal? If yes that means that the user is already authenticated and anonymous web role is not applicable anymore.

----------------------------------------------------
If you find this post helpful consider marking it as a solution to help others find it.

View solution in original post

New Member

Thank you both for your replies! Appreciate the help!

OOlasyn's response was correct. I applied the EP to the 'Authenticated User's role and it now works. I thought that the user would not be considered an 'Authenticated User' until they had verified their account via the email link. An oversight on my part.

Helpful resources

Announcements
New Badges

New Solution Badges!

Check out our new profile badges recognizing authored solutions!

New Power Super Users

Congratulations!

We are excited to announce the Power Apps Super Users!

Power Apps Community Call

Power Apps Community Call: February

Did you miss the call? Check out the Power Apps Community Call here.

Microsoft Ignite

Microsoft Ignite

Join digitally, March 2–4, 2021 to explore new tech that's ready to implement. Experience the keynote in mixed reality through AltspaceVR!

Users online (57,591)