Impersonation is the process by which a user can use another user's credentials to perform specific actions during a flow. This feature allows users who normally do not have permissions to key specific actions such as creating a task to perform that action via a carefully designed flow.
Impersonation with Microsoft Dynamics
When you start a flow via Microsoft Dynamics, the system can identify who executes the flow at run-time. The identification at run-time allows the system to continuously track who is moving the flow forward, even if they need to use another person's identify temporarily to perform specific actions.
Impersonation in Non-Microsoft Dynamics systems
If a flow is started outside of Microsoft Dynamics, the system cannot maintain the identities when using impersonation. When the flow runs, it will run with the person's credentials who created the connectors. Within the connector system, the system displays that the connector creator performed subsequent actions during the flow execution instead of the person who is running the flow.
However, you can cross-reference changes to your other systems with the flow runs via the Flow Execution Panel. This allows you to understand who runs flow quickly and easily troubleshoot issues.
Impersonation is an integral part of the Smart Flows ecosystem; however, it has some risks when the connectors to Smart Flows do not fully support impersonation.
- Data Exposure: Users in non- Dynamics environments run the flow as the creator of the connector, who typically has higher privileges than the person running the flow. This can expose sensitive data to the person running the flow.
- Change Management Tracking: Actions and changes display the person's name who created the connector rather than the person running the flow.