.jpg?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#){kind=tracking}
Dataverse: clear all permissions from a Security Role at once
When creating a new blank Security Role in Dataverse of Microsoft Power Platform, you would still see some default privileges sitting there. This is a new role created: You would need to spend some time to clear each of them separately. Clear all at once Go to admin.powerplatform.microsoft.com -> your env -> Settings -> Users + permissions -> Security roles -> create new. Open Dev Tools -> Network in your browser -> clear previous logs there -> clear one role and Save. Find this request in the Network tab: Right click on it -> select Copy -> Copy as Fetch -> open Console -> clear console and paste the copied fetch into Console. This is the fetch: fetch("https://your-dev-env.dynamics.com//api/data/v9.0/roles(fdee67fc-bae6-ef11-be21-002248d73871)/Microsoft.Dynamics.CRM.ReplacePrivilegesRole", { "headers": { "accept": "application/json, text/plain, */*", "accept-language": "en-GB,en-US;q=0.9,en;q=0.8,pt;q=0.7,no;q=0.6", "authorization": "Bearer eyJ0e...", "client-activity-id": "559f7931-4294-1111-a40e-9bcca1d32749", "client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749", "consistency": "Strong", "content-type": "application/json", "priority": "u=1, i", "request-id": "8ff86a50-1791-466e-b42c-7eb4bed93b5f", "sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Brave\";v=\"132\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"macOS\"", "sec-fetch-dest": "empty", "sec-fetch-mode": "cors", "sec-fetch-site": "cross-site", "sec-gpc": "1", "x-ms-client-request-id": "1d9fb550-9bf0-4a07-b66d-135d6f0bd878", "x-ms-client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749" }, "referrer": "https://admin.powerplatform.microsoft.com/", "referrerPolicy": "origin", "body": "{\"Privileges\":[{\"Depth\":\"Global\",\"PrivilegeId\":\"94c3ac2c-eb23-41cb-a903-4e2e49e910b4\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"db10a828-ec49-4035-8b7e-c58efaf169ec\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStep\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"122e085f-8c52-47e8-8415-875dee1c961e\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStepImage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"9365005c-4703-473b-8d3c-d073cfd8670c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadPluginType\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"d71fc8d0-99bc-430e-abd7-d95c64f11e9c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointDocument\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"fecbd29c-df64-4ede-a611-47226b402c22\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"cfdd12cf-090b-4599-8302-771962d2350a\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvWriteSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"5eb85025-363b-46ea-a77e-ce24159cd231\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvCreateSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"}]}", "method": "POST", "mode": "cors", "credentials": "include" }); In the body of the fetch are the permissions being set. We change the body line to "body": "{\"Privileges\":[]}", and resubmit the modified fetch in the console. Refresh the admin panel and you are done. P.S. There is bug somewhere that does not allow to remove prvReadSharePointData permissions no matter what you try. I checked in two independent environments.
When creating a new blank Security Role in Dataverse of Microsoft Power Platform, you would still see some default privileges sitting there.
This is a new role created:
You would need to spend some time to clear each of them separately.
Clear all at once
Go to admin.powerplatform.microsoft.com -> your env -> Settings -> Users + permissions -> Security roles -> create new.
Open Dev Tools -> Network in your browser -> clear previous logs there -> clear one role and Save.
Find this request in the Network tab:
Right click on it -> select Copy -> Copy as Fetch -> open Console -> clear console and paste the copied fetch into Console.
This is the fetch:
fetch("https://your-dev-env.dynamics.com//api/data/v9.0/roles(fdee67fc-bae6-ef11-be21-002248d73871)/Microsoft.Dynamics.CRM.ReplacePrivilegesRole", {
"headers": {
"accept": "application/json, text/plain, */*",
"accept-language": "en-GB,en-US;q=0.9,en;q=0.8,pt;q=0.7,no;q=0.6",
"authorization": "Bearer eyJ0e...",
"client-activity-id": "559f7931-4294-1111-a40e-9bcca1d32749",
"client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749",
"consistency": "Strong",
"content-type": "application/json",
"priority": "u=1, i",
"request-id": "8ff86a50-1791-466e-b42c-7eb4bed93b5f",
"sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Brave\";v=\"132\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"macOS\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"sec-gpc": "1",
"x-ms-client-request-id": "1d9fb550-9bf0-4a07-b66d-135d6f0bd878",
"x-ms-client-session-id": "4c69c380-e6ba-11ef-a40e-9bcca1d32749"
},
"referrer": "https://admin.powerplatform.microsoft.com/",
"referrerPolicy": "origin",
"body": "{\"Privileges\":[{\"Depth\":\"Global\",\"PrivilegeId\":\"94c3ac2c-eb23-41cb-a903-4e2e49e910b4\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"db10a828-ec49-4035-8b7e-c58efaf169ec\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStep\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"122e085f-8c52-47e8-8415-875dee1c961e\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSdkMessageProcessingStepImage\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"9365005c-4703-473b-8d3c-d073cfd8670c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadPluginType\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"d71fc8d0-99bc-430e-abd7-d95c64f11e9c\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointDocument\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"fecbd29c-df64-4ede-a611-47226b402c22\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvReadSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"cfdd12cf-090b-4599-8302-771962d2350a\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvWriteSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"},{\"Depth\":\"Global\",\"PrivilegeId\":\"5eb85025-363b-46ea-a77e-ce24159cd231\",\"BusinessUnitId\":\"0c2e60b1-4abe-ef11-b8e9-00224875e5a9\",\"PrivilegeName\":\"prvCreateSharePointData\",\"RecordFilterId\":\"00000000-0000-0000-0000-000000000000\",\"RecordFilterUniqueName\":\"\"}]}",
"method": "POST",
"mode": "cors",
"credentials": "include"
});
In the body of the fetch are the permissions being set. We change the body line to "body": "{\"Privileges\":[]}", and resubmit the modified fetch in the console.
Refresh the admin panel and you are done.
P.S. There is bug somewhere that does not allow to remove prvReadSharePointData permissions no matter what you try. I checked in two independent environments.
![Discord Bot and a website communication, what should be the system design [closed]](https://cdn.sstatic.net/Sites/softwareengineering/Img/apple-touch-icon@2.png?v=1ef7363febba)
