Managing Azure Smart Flows User Permissions
During the authentication of the Smart Flows Microsoft Dynamics 365 CE connector, Microsoft Azure will ask the IT administrator to configure the user consent settings for the app. Smart Flows will not function for non-admin users when creating a Microsoft Dynamics 365 CE connector if the system configuration does not allow application user consent.
A user must be a Global Administrator or a Cloud Application Administrator to consent to Smart Flows. The Need Admin approval dialog will continue to display until an admin account either directly consents or delegates consent.
Permissions Required for Smart Flows
For permissions configuration between your system and ours within Azure Active Directory, please see the image below. We require access to the Common Data Service and Windows Azure Active Directory.
This permission consent is separate from the security roles assigned in Microsoft Dynamics 365 CE. IT Admins have several configuration options available to meet their organizational security requirements. In conjunction with Smart Flows, these approaches can interpreted as an intersection between effort and control.
Configure to Allow Delegation of Consent Based on Existing Groups
IT Administrators can delegate permissions for consent at the app level for Smart Flows. See Grant Admin consent for more information. For additional control, you can configure delegation consent to only allow delegation to users with a role in Smart Flows and Microsoft Dynamics 365 CE.
Create and Assign Smart Flows Consent to an Azure Group
Assigning consent permissions to a group allows organizations to tightly control what apps can access their dynamics data and who can provide that consent.
1. | In Microsoft Azure, navigate to Home/Enterprise applications/Xperdoc Smart Flows. |
2. | Set Assignment required to Yes. |
3. | Create a group for Smart Flows users. |
4. | Search for and select the created group. |
5. | Assign that group the permissions to consent for the ExperlogixSmart Flows application. |