Be Careful when Configuring Security Roles for Business Process Flows in Dynamics 365

Roshan Mehta, 04 September 2017

Microsoft Dynamics 365 introduces a fancy new editor for Business Process Flows. Although it looks slick and provides a visual representation of your processes, there is a fundamental problem with the new designer with regards to Security Roles. To illustrate the issue, I will be comparing the designer in CRM 2016 with the designer in Dynamics 365.

Firstly, let’s look at what happens when a user tries to enable security roles for a Business Process Flow in CRM 2016. A light-box appears where the user can enable the flow for everyone, or select specific roles.


In comparison, Dynamics 365 does something very different. Instead of opening a lightbox, it opens the same screen that a user would see if they tried to create or modify existing security roles in the Security area of the system. In fact, it opens in a separate window and there is no OK button to apply the roles to the flow.


This issue is made worse if you have upgraded a Business Process Flow which is enabled for certain Security Roles from CRM 2016 to Dynamics 365. Let’s say you wanted to remove an existing role from the Business Process Flow. Again, there are no buttons available to link or unlink the role from the process flow, so users might think to use the Delete button instead. If you do this, it will delete the Security Role from the system entirely!


Be very careful when configuring Security Roles with Business Process Flows in Dynamics 365!