This content originally appeared on DEV Community and was authored by Andrew Elans
When creating a new blank Security Role in Dataverse of Microsoft Power Platform, you would still see some default privileges sitting there.
This is a new role created:
You would need to spend some time to clear each of them separately.
Clear all at once
Go to admin.powerplatform.microsoft.com -> your env -> Settings -> Users + permissions -> Security roles -> create new.
Open Dev Tools -> Network in your browser -> clear previous logs there -> clear one role and Save.
Find this request in the Network tab:
Right click on it -> select Copy -> Copy as Fetch -> open Console -> clear console and paste the copied fetch into Console.
This is the fetch:
fetch("https://your-dev-env.dynamics.com//api/data/v9.0/roles(fdee67fc-bae6-ef11-be21-002248d73871)/Microsoft.Dynamics.CRM.ReplacePrivilegesRole", {
"headers": {
"accept": "application/json, text/plain, */*",
"accept-language": "en-GB,en-US;q=0.9,en;q=0.8,pt;q=0.7,no;q=0.6",
"authorization": "Bearer eyJ0e...",
"client-activity-id": "559f7931-4294-1111-a40e-9bcca1d32749",
"client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749",
"consistency": "Strong",
"content-type": "application/json",
"priority": "u=1, i",
"request-id": "8ff86a50-1791-466e-b42c-7eb4bed93b5f",
"sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Brave\";v=\"132\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"macOS\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"sec-gpc": "1",
"x-ms-client-request-id": "1d9fb550-9bf0-4a07-b66d-135d6f0bd878",
"x-ms-client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749"
},
"referrer": "https://admin.powerplatform.microsoft.com/",
"referrerPolicy": "origin",
"body": "{\"Privileges\":[{\"Depth\":\"Global\",\"PrivilegeId\":\"94c3ac2c-eb23-41cb-a903-4e2e49e910b4\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"db10a828-ec49-4035-8b7e-c58efaf169ec\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStep\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"122e085f-8c52-47e8-8415-875dee1c961e\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStepImage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"9365005c-4703-473b-8d3c-d073cfd8670c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadPluginType\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"d71fc8d0-99bc-430e-abd7-d95c64f11e9c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointDocument\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"fecbd29c-df64-4ede-a611-47226b402c22\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"cfdd12cf-090b-4599-8302-771962d2350a\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvWriteSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"5eb85025-363b-46ea-a77e-ce24159cd231\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvCreateSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"}]}",
"method": "POST",
"mode": "cors",
"credentials": "include"
});
In the body of the fetch are the permissions being set. We change the body line to "body": "{\"Privileges\":[]}", and resubmit the modified fetch in the console.
Refresh the admin panel and you are done.
P.S. There is bug somewhere that does not allow to remove prvReadSharePointData permissions no matter what you try. I checked in two independent environments.
This content originally appeared on DEV Community and was authored by Andrew Elans
Andrew Elans | Sciencx (2025-02-09T08:29:36+00:00) Dataverse: clear all permissions from a Security Role at once. Retrieved from https://www.scien.cx/2025/02/09/dataverse-clear-all-permissions-from-a-security-role-at-once/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.