cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
niklasjegg
Resolver II
Resolver II

Remove Member from Group permission Error

Hello,

 

i have a Problem in my Powerapps triggered Flow.

 

I am trying to create an App for IT to add or Remove Members from specific Azure AD Security Groups.

 

My Connection is useing a service account. This service account is an Owner of the Azure AD Group.

 

When i am running the Flow from Powerapps everything works fine. The user gets added or removed from the group.

 

When other Users run the Flow from Powerapps the flow return the error at the "Remove Member from Group" Action. 

Insufficient privileges to complete the operation.

"Forbidden" Authorization_RequestDenied

Status Code 403

 

But the Connection Account is indeed the owner of the Azure AD Group.

 

Can someone tell me what the Problem might be? Maybe the user running the flow in Powerapps needs Azure AD permissions?

 

Thank you and best regards

Niklas

1 ACCEPTED SOLUTION

Accepted Solutions
DeepakS
Super User
Super User

Hi @niklasjegg ,

 

When you trigger flow from Power Apps , it runs under the user account who is running the app. that's the reason when other user using the app you are getting the error because flow is using user account and they may not have enough permission to remove users.

You have tow option:

  1. Give all app user permission to add/remove users
  2. Instead of calling flow directly from app, you should create a SP list where you can add a new item whenever app user want to add/remove users. and trigger your current flow on item creation on this list and run it using services account.

Regards,

Deepak S

View solution in original post

1 REPLY 1
DeepakS
Super User
Super User

Hi @niklasjegg ,

 

When you trigger flow from Power Apps , it runs under the user account who is running the app. that's the reason when other user using the app you are getting the error because flow is using user account and they may not have enough permission to remove users.

You have tow option:

  1. Give all app user permission to add/remove users
  2. Instead of calling flow directly from app, you should create a SP list where you can add a new item whenever app user want to add/remove users. and trigger your current flow on item creation on this list and run it using services account.

Regards,

Deepak S

Helpful resources

Announcements
MPA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

Power automate tips 768x460 v2.png

Restore a Deleted Flow

Did you know that you could restore a deleted flow? Check out this helpful article.

Microsoft Build 768x460.png

Microsoft Build is May 24-26. Have you registered yet?

Come together to explore latest innovations in code and application development—and gain insights from experts from around the world.

May UG Leader Call Carousel 768x460.png

What difference can a User Group make for you?

At the monthly call, connect with other leaders and find out how community makes your experience even better.

Top Kudoed Authors
Users online (1,735)