You’re offline. This is a read only version of the page.
Announcements
85
I am looking for way to revoke a Security Role for a User in Dynamics365 FO for a specific organization only. I have tried following options:
1. https://<FO-BASE-URL>/data/SecurityUserRoleOrganizations?$filter=UserId eq 'U!' and SecurityRoleIdentifier eq 'BUDGETBUDGETCLERK' and OrganizationType eq 'LegalEntity' and OrganizationId eq 'dat'
2. https://<FO-BASE-URL>/SecurityUserRoleOrganizations(UserId='U!', SecurityRoleIdentifier='BUDGETBUDGETCLERK', OrganizationId='DAT')
None of the above URLs are working. instead, I am getting "No route data was found for this request." message. HTTP response code is 404.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Please Note: To remove the Role altogether (for all the organizations) following URL is working.
https://<FO-BASE-URL>/data/SecurityUserRoles(UserId='U1', SecurityRoleIdentifier='LEDGERACCOUNTANT' )
But my requirement is to remove the role from a specific organization.
Hi Neeraj,
Your observation is correct that the two calls will insert two records. To remove the access to the 'dat' company you should have a separate OData call to delete it.
I'm not familiar with using direct OData. I'm using the Office add-in or Power Automate which takes care of the correct OData calls. You can probably find some more information in the documentation and referenced links; docs.microsoft.com/.../odata
To re-phrase my question, I would like to know how I would be able to delete an entry from SecurityUserRoleOrganizations? I tried a couple or service endpoints with no luck.
Hi Andre,
I tried your solution. Either it did not work or I didn't understand what you are saying. Can you please provide an example or the service endpoint that you intend to convey.
What I tried is:
Sent a post request on: https://<base-FO-URL>/data/SecurityUserRoleOrganizations
with JSON payload as follows:
HI Neeraj,
If you need to revoke a single legal entity from a role, you have to assign all valid legal entities. A role has access to all legal entities, unless you specify which would be included in the role.
E.g. you have the next legal entities.
DAT
LE01
LE02
LE03
LE04
LE05
LE06
LE07
LE08
LE09
LE10
If you need to revoke LE04, then you need to assign the role and to the user/role combination assign the next legal entities:
DAT
LE01
LE02
LE03
LE05
LE06
LE07
LE08
LE09
LE10
I have also tried sending a JSON body as follows:
{
"UserId": "U1",
"SecurityRoleIdentifier":"BUDGETBUDGETCLERK",
"OrganizationId": "DAT",
"OrganizationType": "LegalEntity"
}
My http request type for all the above requests is DELETE
#1
André Arnaud de Cal...
294,099
Super User 2025 Season 1
#2
Martin Dráb
232,866
Most Valuable Professional
#3
nmaenpaa
101,158
Moderator
Share
Report
All responses (
Answers (
