Steps to onboarding a user to a Power Platform environment
Introduction
When working on a Power Platform project, one of the most important steps is user onboarding process. During which, a company needs to grant user(s) access to one or multiple environments.
In this article, we will explain step by step how we can add a user to an environment having Dataverse database.
There are many considerations that go into provisioning access, most important are:
· Security group
· Licensing
· Microsoft Dataverse Security Role
Create a security group and add members to the security group
1. Sign in to the Microsoft 365 admin center
2. Select Teams & groups > Active teams & groups
3. Select + Add a group
4. Change the type to security group, add the group Name and Description. Select Add > Close
5. Select the group you created, and then next to Members, select Edit
6. Select + Add members. Select the users to add to the security group, and then select Save > Close several times to return to the Groups list.
7. To remove a user from the security group, select the security group, next to Members, select Edit. Select – Remove members, and then select X for each member you want to remove
If the users you want to add to the security group are not created, create the users and assign to them the Dataverse licenses.
Create a user and assign license
In the Microsoft 365 admin center, select Users > Active users > + Add a user.
Enter the user information; select licenses and then select Add.
You can assign licenses to users on either the Active users page, or on the Licenses page.
Associate a security group with an environment
1. Sign in to the Power Platform admin center as an admin (Dynamics 365 admin, Global admin, or Microsoft Power Platform admin)
2. In the navigation pane, select Environments, select an environment, and then select Edit
3. In the Edit details page, select Edit
4. Select a security group, select Done, and then select Save
The security group is associated with the environment
Remove a security group’s association with an environment
1. Sign in to the Power Platform admin center as an admin (Dynamics 365 admin, Global admin, or Microsoft Power Platform admin)
2. In the navigation pane, select Environments, select an environment, and then select Edit
3. In the Settings page, select Delete
4. Confirm removal, select Remove, and then select Save
The security group associated with the environment will be removed and the environment’s access will no longer be restricted to only users that are members of that group
Assign a security role
1. Sign in to the Power Platform Admin center as a System Administrator
2. Select Environments, and then select an environment from the list
3. Select Setting
4. Select Users + permissions, and then select Users
5. On the Users page select a user, and then select Manage security roles
6. Select or deselect security roles. If the user has roles already assigned. When finished, select Save.
Notes
· When users are added to the security group, they are added to the environment.
· When users are removed from the group, they are disabled in the environment.
· When a security group is associated with an existing environment with users, all users in the environment that are not members of the group will be disabled.
· If an environment does not have an associated security group, all users with a Dataverse license (customer engagement apps (Dynamics 365 Sales, Dynamics 365 Customer Service, Dynamics 365 Field Service, Dynamics 365 Marketing, and Dynamics 365 Project Operations), Power Automate, Power Apps, etc.) will be created as users and enabled in the environment.
· If a security group is associated with an environment, only users with Dataverse licenses or per app plan that are members of the environment security group will be created as users in the environment
See Links
https://learn.microsoft.com/en-us/power-platform/admin/control-user-access
https://learn.microsoft.com/en-us/power-platform/admin/assign-security-roles
Thanks for reading ….