Business Rules Not Working for All Security Roles

Written By Kathleen Henry

If you’ve worked with model-driven Power Apps and Business Rules, chances are you’ve hit a frustrating and inconsistent behavior: Business Rules work perfectly for you—but not for others.

This issue has surfaced on multiple projects I’ve led, and the fix isn’t intuitive.


The Symptom

You're testing your app as a security admin or system customizer, and all the Business Rules behave exactly as expected. Fields are hidden or required when they should be, logic runs smoothly, and everything looks great.

But then… a user with a different role logs in and the rules don’t run at all. Fields that should be required are editable, and visibility toggles are ignored. What gives?


The Root Cause

The issue comes down to missing permissions on the Process table in the security roles.

Business Rules in model-driven apps are stored as records in the Process table. If a user doesn't have access to read those records, the app won’t apply the rules—even if they were published and active.


How to Fix It

Here’s how to update the security roles to ensure all users can properly trigger and see the effects of Business Rules:

  1. Go to Power Platform Admin Center or your solution editor where you manage security roles.

  2. Open the security role(s) in question.

  3. Select All Tables on the left side.

  4. In the search bar, type "Process".

  5. Locate the Process table and make sure the Read permission is set to Organization level.

🔍 Note:
If your security roles were created by copying the Basic User role, the Process table's Read privilege is often defaulted to 'User' level, which is not enough.


Tips for Testing

This issue is tricky to catch because admins can almost always see Business Rules working. To properly test:

  • Create a test user with only the target security role applied.

  • Log in as that user or use the "Run as" option in your app to verify Business Rule behavior.

  • Check that fields respond correctly to the rules you’ve configured.

Final Thoughts

Business Rules are a powerful way to simplify app logic and keep users focused. But without the correct security role configuration, you might leave some users flying blind.

It’s a small setting with a big impact—so take a moment to audit your roles and ensure your users have what they need to work effectively.

Kathleen Henry
Next

How to Calculate a New Date X Business Days After a Specific Date in Dataverse