Applies to Product - Microsoft Dataverse
What’s happening?
The BypassCustomPluginExecution parameter is not functioning as expected, preventing the bypass of a custom plugin that checks the user's security role when attempting to delete multiple records of an entity.
Reason:
The underlying cause of this is related to the OData request for the impacted user, which was being updated due to customer VPN/proxy rules removing the required header and resulting in the bypass failure even when the parameter was set to true by the client.
Resolution:
- Verify the privileges assigned to the user attempting to execute the request, specifically checking for the "prvBypassCustomPlugins" privilege.
- Ensure that the BypassCustomPluginExecution request header (for Web calls) or the request parameter (for SDK calls) is correctly set to true in the request. See Microsoft Documentation
- If this persists, work with your IT admin to review the VPN/Proxy settings of the customer network or try on a machine which is not using the same VPN/Proxy.
