Home > System > Permissions > Create a Dynamic Permission Group
Export to PDFCreate a Dynamic Permission Group
Dynamic permission groups allow organizations to automatically assign EnPower permissions to users based on their native Microsoft Power Platform roles. This streamlines access management by mapping EnPower permissions to Microsoft administrative roles, ensuring that users receive the correct permissions without manual intervention.
Supported modules include:
Once configured, permissions are dynamically applied based on the user’s role in Power Platform, reducing administrative overhead and improving governance consistency.
*Note: If a user is in both common and dynamic permission groups, permissions from the common group will apply.
To create a dynamic permission group, complete the following steps:
-
In Permissions > Dynamic permission groups tab, click Create.
-
On the Create dynamic permission group page, first provide the basic information of the group, including name, description, tenant, and group expiration date. Then, click Next to proceed.
-
In the Scope and permissions step, select the EnPower permissions for the following Power Platform roles:
-
Environments – EnPower permissions to manage environments, Power Automate flows, and Power Apps can be assigned to EnPower users with the following environment roles in Microsoft.
-
System admin
-
Environment admin
-
-
Power Automate – EnPower permissions to manage cloud flow and desktop flows can be assigned to EnPower users with the following Power Automate roles in Microsoft.
-
Flow co-owner
-
Flow creator
-
-
Power Apps – EnPower permissions to manage apps and deleted apps can be assigned to EnPower users with the following Power App roles in Microsoft.
-
App owner
-
App creator
*Note: For model-driven apps, only app owner or creator with security roles will have the assigned access.
-
-
-
Click Save. The permission group will be created.