Showing results for 
Search instead for 
Did you mean: 
Not applicable

prvReadAsyncOperation privilege

I have an approval flow in an environment that worked twice and then started giving trouble.

The flow itself is fine, but I sent the approval to a user (my environment admin account created the approval request through the flow), which the user approved and rejected twice while testing - but now when they try and approve/reject the request they get the following error in Outlook and/or approvals portal:



Encountered a general permissions error trying to access the CDS database. This could be caused by modification of the approvals administrator or user roles, or by an incompatible plugin. Detailed message: 'Message: Principal user (Id=..., type=8, roleCount=1, privilegeCount=94, accessMode=4), is missing prvReadAsyncOperation privilege (Id=...) on OTC=4700 for entity 'asyncoperation'. context.Caller=...



I tried deleting and recreating Approvals connectors both for the requestor and responder - same result.

I then created a different flow in the environment as the user - initially it complained when I added the Approvals connector and clicked the down arrow to render the options for Approvals, saying;



Could not retrieve values. The caller with object id ... does not have permission for connection ...'shared-approvals under Api 'shared_approvals'. 



so I went back into Default environment and created an approval flow with no issues - options rendered fine - when I can back to this environment and tried again it rendered the Approval connector options fine (!?).  I then set the approval to send the same user account that created the approval an approval request.  Flow saved and ran fine - Same general permissions error on responding to the request.


Reading up on the error I've seen varying degrees of responses, but nothing has changed in the security setup for the environment (privilege or role based, user or non-interactive based) so I'm loathe to go poking around the CDS permissions - also, as I've said, the flow itself is fine, it's the action of responding to the flow as the responding user that is throwing the error, both in Outlook and in the flow approval actions portal.  


Any ideas or suggestions welcome!

Community Support
Community Support

Hi @Anonymous ,


It looks like something went wrong with the User-role permissions; have you modified the Approvals User role from the Security Roles setting, the impacted User seems to be missing read privileges on the Async Operation entity. Maybe we want to start from there...

Not applicable

Hope is not too late, but this worked for me.


  • Go to the flow app and then from settings choose the admin centre
  • choose the 'environments' tab on the left
  • select your default environment
  • Go to Configuration/Security Roles
  • Edit Approvals Administrator
  • Under Customization you should grant System Job read privilege.




Helpful resources

Process Advisor

Introducing Process Advisor

Check out the new Process Advisor community forum board!

MPA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

MBAS on Demand

Microsoft Business Applications Summit sessions

On-demand access to all the great content presented by the product teams and community members! #MSBizAppsSummit #CommunityRocks

MBAS Attendee Badge

Claim Your Badge & Digital Swag!

Check out how to claim yours today!

Users online (109,938)