Execute Privilege Name (ExecutePrivilegeName) property of Custom API in Dynamics 365 / Microsoft Dataverse

Sending
User Review
0 (0 votes)

In the previous post, we created a simple custom API  https://nishantrana.me/2021/01/13/use-custom-api-to-create-custom-messages-in-dynamics-365/

Let us look at its different properties starting with ExecutePrivilegeName

Execute Privilege Name attribute of custom API allows us to specify the name of the privilege that allows execution of the custom API.

Let us update the custom API and specify the privilege name.

For simplification, we have used prvCreateIncident here i.e. Create Case / Incident Privilege.

To get the Privilege name

https://%5Borgname%5D.api.crm.dynamics.com/api/data/v9.1/privileges?$select=name


To test, we updated the security of the Application User to Sales Manager role which doesn’t have the create incident privilege.

Calling the custom API this time as expected gave us the below error

{“error”:{“code”:”0x80040220″,”message”:”Principal user (Id=0f377e29-5545-eb11-a813-000d3a9bf733, type=8, roleCount=1, privilegeCount=727, accessMode=4), is missing prvCreateIncident privilege (Id=6cf9442b-e690-4cad-8b0a-e60464960b93) on OTC=112 for entity ‘incident’. context.Caller=0f377e29-5545-eb11-a813-000d3a9bf733″}}


If we specify an incorrect privilege name we would get the below error and will not be able to save the record.


Hope it helps..


 

Advertisements