cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

prvReadAsyncOperation privilege

I have an approval flow in an environment that worked twice and then started giving trouble.

The flow itself is fine, but I sent the approval to a user (my environment admin account created the approval request through the flow), which the user approved and rejected twice while testing - but now when they try and approve/reject the request they get the following error in Outlook and/or approvals portal:

 

 

Encountered a general permissions error trying to access the CDS database. This could be caused by modification of the approvals administrator or user roles, or by an incompatible plugin. Detailed message: 'Message: Principal user (Id=..., type=8, roleCount=1, privilegeCount=94, accessMode=4), is missing prvReadAsyncOperation privilege (Id=...) on OTC=4700 for entity 'asyncoperation'. context.Caller=...

 

 

I tried deleting and recreating Approvals connectors both for the requestor and responder - same result.

I then created a different flow in the environment as the user - initially it complained when I added the Approvals connector and clicked the down arrow to render the options for Approvals, saying;

 

 

Could not retrieve values. The caller with object id ... does not have permission for connection ...'shared-approvals under Api 'shared_approvals'. 

 

 

so I went back into Default environment and created an approval flow with no issues - options rendered fine - when I can back to this environment and tried again it rendered the Approval connector options fine (!?).  I then set the approval to send the same user account that created the approval an approval request.  Flow saved and ran fine - Same general permissions error on responding to the request.

 

Reading up on the error I've seen varying degrees of responses, but nothing has changed in the security setup for the environment (privilege or role based, user or non-interactive based) so I'm loathe to go poking around the CDS permissions - also, as I've said, the flow itself is fine, it's the action of responding to the flow as the responding user that is throwing the error, both in Outlook and in the flow approval actions portal.  

 

Any ideas or suggestions welcome!

2 REPLIES 2
RaashiSen
Community Support
Community Support

Hi @Anonymous ,

 

It looks like something went wrong with the User-role permissions; have you modified the Approvals User role from the Security Roles setting, the impacted User seems to be missing read privileges on the Async Operation entity. Maybe we want to start from there...

Anonymous
Not applicable

Hope is not too late, but this worked for me.

 

  • Go to the flow app and then from settings choose the admin centre
  • choose the 'environments' tab on the left
  • select your default environment
  • Go to Configuration/Security Roles
  • Edit Approvals Administrator
  • Under Customization you should grant System Job read privilege.

 

PrvReadAccess.JPG

 

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Users online (5,076)