Latest Posts

Can’t save record – permission error

Posted on by Rishan Solutions

Loading

If you’re encountering a “Can’t Save Record – Permission Error” message when submitting a form in Power Pages (formerly Power Apps Portals), you’re likely facing a configuration issue related to Entity Permissions, Web Roles, or Form configuration. This guide will walk you through the possible causes and step-by-step solutions to resolve it.

What Does This Error Mean?

When a user tries to create, update, or delete a record via a Portal Entity Form, Web Form, or custom submission, and lacks appropriate Entity Permissions, the portal will block the operation and return a permission error.

This can happen in several cases:

  • Submitting a form
  • Saving a multi-step Web Form
  • Using JavaScript or Liquid to update/create a record
  • Inline editing from Entity List

Common Error Messages

  • “You do not have sufficient privileges to create record”
  • “Access denied”
  • “Save failed due to insufficient permissions”
  • 403 Forbidden in browser console

Root Causes

  1. Entity Permission missing on the table (Dataverse entity)
  2. Entity Permission does not include Create/Write/Delete privilege
  3. Web Role is not assigned to the portal user
  4. Form is scoped and lacks relationship permissions
  5. Lookup field causes cascading permission failure
  6. The portal cache is not refreshed after permission updates
  7. JavaScript errors mask the real error

Step-by-Step Troubleshooting and Fix

Step 1: Identify the Table and Operation

Ask:

  • What table (entity) is being saved? (e.g., Contact, Case, CustomRequest)
  • Is it a new record (Create) or existing record (Update)?
  • What fields are involved (especially Lookups)?

Step 2: Check or Create Entity Permission

  1. Go to Portal Management App
  2. Open Entity Permissions
  3. Create or open an Entity Permission:
    • Entity/Table: e.g., Case
    • Scope: Usually Global, Contact, or Account
    • Privileges: Ensure you select:
      • Create (for new records)
      • Write (for updating)
      • Delete (if delete involved)

Example:

Entity: Case
Scope: Contact
Privileges: Read, Create, Write

Step 3: Assign the Permission to a Web Role

  1. On the same Entity Permission, under Web Roles:
    • Add the correct Web Role
    • Make sure your user has that role assigned (see next step)

Step 4: Assign the Web Role to the User

  1. In Portal Management App
  2. Open Contacts
  3. Find your user (based on email or username)
  4. In the subgrid: Web Roles
  5. Add the Web Role containing your permission

Step 5: If Scoped, Check Relationship Access

If your permission is not Global (e.g., it’s Contact or Account), the portal must verify the relationship between user and the record.

For example:

  • A Contact can update their own Case if the Customer field of the Case points to them.

To configure:

  1. Under your scoped Entity Permission (e.g., Contact → Case), set up:
    • Child Entity Permission
    • Use the correct relationship (e.g., case_customer_contacts)

Step 6: Clear Portal Cache

Permission changes don’t reflect immediately unless you clear cache.

You can do this in one of the following ways:

  1. Go to:
    https://<yourportal>.powerappsportals.com/_services/about Click Clear Cache
  2. Or use Power Platform Admin Center → Environment → Portal → Maintenance → Clear Config Cache

Step 7: Check Browser Console for Errors

Use Developer Tools (F12) → Console and Network tabs:

  • If you see 403/401 or permission-related error in api/data/... call: → You likely missed a permission.
  • Check the form submission response payload. It may contain detailed error messages like:
    { "error": { "message": "Insufficient privilege to perform this action" } }

Step 8: Verify Form Configuration

In Entity Form / Web Form Step settings:

  • Make sure Record Source Type is correctly set (Create/Edit)
  • Lookup fields:
    • Ensure the referenced table has Read permissions
    • Complex lookups may need additional relationship permissions

Example Scenario Fix

Problem:
A portal user tries to submit a new Support Request form. The form is tied to the Case table and uses a lookup to Product.

Fix:

  1. Create Entity Permission on Case table:
    • Scope: Contact
    • Privileges: Read, Create
  2. Create Entity Permission on Product table:
    • Scope: Global
    • Privileges: Read
  3. Add both permissions to Web Role
  4. Assign Web Role to the portal user
  5. Set relationship access between Contact and Case (via case_customer_contacts)
  6. Clear cache
  7. Retest form submission

Tips and Best Practices

  • Always test permissions with a real portal user, not just in Dataverse
  • Start with Global scope for testing, then restrict
  • Don’t forget permissions on related tables (lookups)
  • Always clear cache after updates
  • Use browser dev tools to inspect hidden errors
  • Assign proper Web Roles on portal user Contact record

Leave a Reply

Your email address will not be published. Required fields are marked *