As I was “sharpening my saw” with deploying Power Platform solutions from one environment to another I ran into a “gotcha” that took a couple of days to resolve! Ugh!
Let me set the stage.
In my Dev environment I have a solution that contains the following:
Sample 1 Item– Custom Dataverse EntitySample 1 Item list– Cloud flow to retrieve a list of rows fromSample 1 ItemSample 1 Users– Custom security role, which I didn’t really need, because it is my flow that connects to the Dataverse, but I decided to leave it in there anyway.Sample 1 Dataverse Connection Reference– Connection reference for accessing Dataverse, flows need this.Sample 1 Canvas App– Canvas App that calls my flow and displays the results.
The Sample 1 Item List cloud flows consists of the following trigger and actions:
Power Apps (V2)– Needs to be Power Apps (V2) so it can be shared asRun Only Users, will be triggered from a Power App.Dataverse - List Rows– Read rows from theSample 1 Itemtable.Variables - Initialize variable– An array variable calleditems, that will hold theNameof theSample 1 Item.Control - Apply to each– Loop through each row in theSample 1 Itemrows.Variables - Append to array– Append a new JSON object consisting of just theNameof theSample 1 Item.Response– Return the theitemsarray variable.
The Sample 1 Canvas App does the following:
In the OnStart of the App, a collection called Items, is populated with the response from the Run action of the Sample 1 Item List cloud flow.
Items is then displayed in a Gallery control.
There is also a button that can call the cloud flow to repopulate the Gallery control.
Pretty simple straight forward Power Platform app.
I am now ready to move it my Prod environment! From my Dev environment, I navigate to the the Solutions and click Export. I export the solution as a managed solution.
Once the export is completed I click Download.
I navigate to my Prod environment, click on Solutions and select Import. I select the file I downloaded in the previous step.
Everything goes as plan.
I then share the Sample 1 Canvas App with the Security Group assigned to the environment.
I know it says User, but it is really a Security Group, promise!
I then hop over to my Sample 1 Item List flow and Edit the Run only users and add my Security Group.
Should be good to go now! I’ll share the link to the Canvas App with my test user.
When I run my app with my test user, I see the app, but I do not see any of the data from the Sample 1 Item table.
Ugh! Where is my data? What did I miss!
After a couple of days, working with peers, I finally figured out my issue, my test user was not assigned to any role, which is going to present some challenges for accessing the app and the flows.
I needed to add the Basic User security role to my Security Group.
What is the Basic User?
Environments include predefined security roles that reflect common user tasks with access levels defined to match the security best-practice goal of providing access to the minimum amount of business data required to use the app, Basic User is one of these roles.
For a complete list of roles see Configure user security to resources in an environment.
The Basic User can run an app within the environment and perform common tasks for the records that they own. Note that this only applies to non-custom entities.
I navigated to the Power Platform Admin Center, and selected Environments.
I then clicked on my Prod environment.
I selected See all from Security Roles.
I found the Basic User role in the list and clicked on it.
I clicked Add people and added my Security Group.
I gave it a little time, couple of minutes, seems the way of the Power Platform.
I tried accessing the app with my test user and what do you know? It worked! I saw the items from my Sample 1 Item table.
That was it!
Makes sense now that I think about it in hindsight, but troubleshooting was a nightmare!
Enjoy!
Discover more from Matt Ruma
Subscribe to get the latest posts to your email.