Impersonation

Impersonation the process by which a user can use another user's credentials to perform specific actions during a flow is the process by which a user can use another user's credentials to perform specific actions during a flow. This feature allows users who normally do not have permissions to key specific actions such as creating a task to perform that action via a carefully designed flow.

Impersonation with Microsoft Dynamics 365 CE

When you start a flow via Microsoft Dynamics 365 CE, the system can identify who executes the flow at run-time. The identification at run-time allows the system to continuously track who is moving the flow forward, even if they need to use another person's identify temporarily to perform specific actions.

Impersonation in Non Microsoft Dynamics systems

If a flow is started outside of Microsoft Dynamics, the system cannot maintain the identities when using impersonation. When the flow runs, it will run with the person's credentials who created the connectors. This will show that the connector creator performed subsequent actions during the f low execution instead of the person who is running the flow.

However, you can cross-reference changes to your other systems with the flow runs via the Flow Execution Panel. This allows you to understand who runs flow quickly and easily troubleshoot issues.

Potential risks

Impersonation is an integral part of the Smart Flows ecosystem; however, it has some risks when the connectors to Smart Flows do not fully support impersonation.

Data Exposure: Users in non- Dynamics environments run the flow as the creator of the connector, who typically has higher privileges than the person running the flow. This can expose sensitive data to the person running the flow.
Change Management Tracking: Actions and changes display the person's name who created the connector rather than the person running the flow.