Exporting security role assignments in Dataverse (Power Platform) is essential for auditing, compliance, and user management. Using PowerShell, we can extract and export role assignments for all users into a structured format like CSV or Excel for easy analysis.
This guide covers:
Connecting to Dataverse
Retrieving security role assignments
Exporting data to CSV
Automating the export process
Step 1: Prerequisites
1. Install Required PowerShell Modules
If you haven’t installed them yet, run:
Install-Module -Name Microsoft.PowerPlatform.Dataverse.Client -Scope CurrentUser -Force
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell -Scope CurrentUser -Force
2. Connect to Dataverse
Run the following command and sign in with your admin account:
Add-PowerAppsAccount
Now you’re connected!
Step 2: Retrieve Security Role Assignments
To list all security role assignments, use the following command:
Get-AdminPowerAppSecurityRoleAssignment -EnvironmentName "Default-12345"
This will return all users with assigned roles in the environment.
Step 3: Export Security Role Assignments to CSV
Use the following script to export all user-role assignments into a CSV file:
$environmentName = "Default-12345"
$outputFile = "C:\DataverseSecurityRoles.csv"
# Get all security role assignments
$roleAssignments = Get-AdminPowerAppSecurityRoleAssignment -EnvironmentName $environmentName
# Export to CSV
$roleAssignments | Select-Object UserId, RoleId, RoleName | Export-Csv -Path $outputFile -NoTypeInformation
Write-Host "Security role assignments exported to $outputFile"
Now you have a CSV file containing User IDs, Role IDs, and Role Names.
Step 4: Export Security Role Assignments to Excel
To export directly to Excel, install the ImportExcel module:
Install-Module -Name ImportExcel -Scope CurrentUser -Force
Now, use the following script:
$environmentName = "Default-12345"
$outputFile = "C:\DataverseSecurityRoles.xlsx"
# Get all security role assignments
$roleAssignments = Get-AdminPowerAppSecurityRoleAssignment -EnvironmentName $environmentName
# Export to Excel
$roleAssignments | Select-Object UserId, RoleId, RoleName | Export-Excel -Path $outputFile -WorksheetName "SecurityRoles"
Write-Host "Security role assignments exported to $outputFile"
Now you have a structured Excel file with all security role assignments.
Step 5: Automating the Export Process
To automate the export process on a scheduled basis, create a PowerShell script (ExportSecurityRoles.ps1) and schedule it using Windows Task Scheduler.
Automate Using Task Scheduler
- Open Task Scheduler (
taskschd.msc) - Click Create Basic Task
- Set the trigger (Daily, Weekly, or Custom)
- Choose Start a Program
- Browse and select
powershell.exe - Add the following in Arguments:
-File "C:\Scripts\ExportSecurityRoles.ps1" - Click Finish
Now, security role assignments will be exported automatically at the scheduled time!
Step 6: Verify Exported Data
To verify the exported data, open the CSV or Excel file and check if all users and roles are listed correctly.
For quick verification using PowerShell:
Import-Csv -Path "C:\DataverseSecurityRoles.csv" | Format-Table -AutoSize
This will display the exported data in a table format.