Tip #1424: The user does not have sufficient access right to run flow with custom connector

I’ve tried all the right things:

  1. Created, deployed, and configured custom connector into the target environment before importing the solution that uses the connector. All tests pass.
  2. Created a manual Power Automate flow as part of the solution.
  3. Shared the flow with the user (should not need to for the solution flows but just in case)
  4. Ensured that the flow runtime permissions are set correctly (correct use of run-only permissions)
  5. Shared custom connector with the user (should not need to but just in case)

And yet, when the said user tried to run the flow they kept getting this error message

Screenshot of an error message that reads:

The user '39b162da-9c30-eb11-a813-000d3a7953be' does not have sufficient access rights to perform this operation on entity with id c4bd1890-3b2f-43d5-8153-31b9e8487241 in instance with URL 'https://redacted.dynamics.com/'. Required access right 'ReadAccess' is missing.

This flow uses the following apps. A green check means you're ready to go.

This information seems to be helpful but then it generates more questions than answers:

  • Operation on entity with id XXX. Is that a record with that id or id of the actual entity/table?
  • What entity/table are we talking about here?
  • The flow uses unspecified list of apps – what is the relevance of this?

Long story short: user was missing read privileges on Connector table (and id mentioned is the id of the entity/table not of the record in the table). There are two Connector tables on the most instances I’ve seen and, just like the USB, you are going to get the first one wrong. There is an easier solution to the problem: assign Basic User role to the user. One of the permissions it includes is that very permission to read custom connectors (what did you think is in the Connector table?!).

Cover image by ds_30