Power BI AI Toolkit: Build Better Reports Faster with Copilot

June 2, 2026June 3, 2026emguyant 1 Comment

This is the second post in the Power BI AI Toolkit series. The series takes a practical look at how AI is changing the way we build in Power BI. From Power BI Copilot built directly into Power BI Desktop to fully autonomous, agent-based workflows.

In the first post, Power BI AI Toolkit: Evaluating Copilot for DAX Development in Power BI Desktop, we covered how Power BI Copilot can help you write, debug, and document DAX measures without ever leaving the tool. This time, we’re staying in Power BI Desktop but shifting the focus from the semantic model to the report canvas itself.

It’s easy to overlook that Power BI Copilot helps with more than generating DAX or documenting measures. In this post, we explore how to use Power BI Copilot to design report pages, generate visuals, and explore data without writing code or leaving the tool.

If you have a semantic model you’re happy with and a blank report canvas, this one’s for you. A sample report is available for download at the end of this post so you can follow along and test these prompts against the same data.

From Model to Report

Here is the scenario we will use to explore Power BI Copilot’s capabilities in Power BI Desktop for report development. A Power BI developer at a small retail store just finished developing a semantic model and now needs to begin developing the report to deliver insights to the stakeholders.

Three pages are needed: an executive summary, a regional sales breakdown, and a product performance view. Starting from scratch could take considerable time before anyone has seen anything worth reviewing.

This is where we put Power BI Copilot to the test. Not as a replacement for the developer, but as a tool to get from blank canvas to something reviewable much faster.

Before You Start

A few things must be in place before Copilot works in Power BI Desktop for report development. Check these before you get too far.

Capacity and licensing: You need admin, member, or contributor access to at least one workspace assigned to a paid Fabric capacity (F2 or higher) or Power BI Premium capacity (P1 or higher). Power BI Premium Per User (PPU) is not supported. For more information, see Use Copilot in Power BI Desktop.

Tenant-level setting: Copilot must be enabled at the tenant level in the Fabric Admin Portal. Note that in Desktop, the Copilot button appears in the ribbon even when the tenant setting is off. If Copilot shows up but does not respond, check this first. For more information, see Enable Fabric Copilot for Power BI.

Workspace association: The first time you open the Copilot pane in Power BI Desktop, you will be prompted to associate a workspace.

Q&A feature switch: The Q&A feature switch in your semantic model must be enabled. If it is off, report page creation will not work. This is easy to overlook. For more information, see Create and Edit Power BI Reports with Copilot.

Step-by-Step: Building a Report with Copilot

Step 1: Open the Copilot Pane

With your report open in Power BI Desktop, select the Copilot icon in the ribbon. The Copilot pane will open on the right side of the screen.

If this is your first time using Power BI Copilot, you will be prompted to associate a workspace before using Copilot. Pick a workspace assigned to a supported Fabric or Premium capacity.

If the Copilot button is visible in the ribbon but nothing happens when you select it, check the tenant-level setting covered in the Before You Start section. This is the most common reason Copilot appears available but does not respond.

Once the pane is open and a workspace is associated, you are ready to start building.

Step 2: Let Power BI Copilot Suggest Report Content

At the top of the Copilot pane, you will see a suggested prompt labeled “Suggest content for a new report page”. This is a good starting point if you are not sure how to structure the report or just want to see what Copilot thinks is worth showing.

When you select it, Copilot scans the semantic model and returns a set of suggested report pages, each with a title and a brief description. You can select the pages you want and let Copilot build them, or use the suggestions as a starting point for your own prompts.

Using the suggested pages, you can directly create them by using the “+ Create” option or edit the prompt using the “Edit” option.

For this walkthrough, start with the suggested Regional Sales Analysis page using the “+ Create” option. This is a good way to get a feel for what Power BI Copilot can do out of the box without writing a single prompt.

Copilot will make its own decisions about which visuals to use, which fields to pull in, and how to structure the page. The result will not be perfect, but it gives you an honest baseline for what the suggested content feature can produce on its own against your semantic model.

This is a spot where report creators can expect too much. The pages Copilot generates at this stage are basic drafts, not finished products. Treat them as a starting point and move on from there.

Once you have reviewed the Regional Sales Analysis page, the next step is to go deeper using a custom prompt. This is where the Product Performance page comes in, which is the second page from our retail scenario. Rather than relying on Copilot’s suggestions, you will write a targeted prompt built around a specific business question. That is what Step 3 covers.

Note: Because of the generative nature of Power BI Copilot, it may not produce the exact same pages, visuals, or field selections as shown here. The patterns and behaviors should be consistent, but the specific output may vary each time you run the same prompt.

Step 3: Prompt Power BI Copilot Directly for a Specific Page

Once you have a feel for what Copilot can do, writing your own prompts is a more reliable way to get pages that match your requirements. Instead of selecting “Suggest content for this report,” type your request directly into the Copilot pane.

The quality of the output depends on the quality of the prompt. Most people underestimate what Copilot can do because their prompts are too vague to produce useful results.

Here is a simple example of the difference:

Too vague	“Create a product performance page”
Business question-driven	“Create a product performance page that explores and provides insights on what products are growing year over year and how product sales across categories and regions are trending compared to last year.”

Using the second prompt in the retail semantic model, Copilot returned a page with two KPI cards for current-year sales and YOY growth, a YOY-by-product bar chart, a current-year vs. last-year comparison by product, a regional breakdown by product, and both a product and region slicer. All of that from a single prompt, with no visual types specified.

The more context you give, the better the output. References to business questions, specific fields, time periods, and audiences help Copilot produce something closer to what you need on the first attempt.

A few patterns that tend to work well:

Frame the prompt around a business question: “which products are…”, “how are regions performing against…”
Reference the audience where relevant: “Create a page for regional sales managers showing…”
Reference specific measure names when you know them: “Use Sales Metric (CY) and Sales Metric (LY)…”

Copilot works best when the prompt describes the business need, not just the visual type. Asking for “a bar chart of sales by region” gets you a bar chart. Asking for “a page that helps regional managers compare their performance against targets” gets you something more useful.

Step 4: Edit Visuals Using Power BI Copilot Follow-Up Prompts

Once Copilot has generated the page, you can refine it with follow-up prompts directly in the Copilot pane, without manually rebuilding anything.

Looking at the Product Performance page generated in Step 3, the output was a starting point but not perfect. The bottom-left chart uses a line chart to display current-year and last-year sales by year and region, and it is difficult to read.

A follow-up prompt can be used to address this:

“Change the Sales Metric (CY) and Sales Metric (LY) by Year and Region chart to a clustered column chart.”

This produces a cleaner result. A clustered bar chart handles two measures side by side across a category axis in a way that is much easier to read than the original line chart configuration.

Follow-up prompts work best when they are focused on one targeted change at a time, with a specific visual referenced.

Each prompt builds on the page’s current state, so you can work iteratively, reviewing one change at a time before moving on to the next.

This is where things can get confusing. Copilot edits at the page level, not the individual visual level. If your prompt is not clear about which visual you are referring to, Copilot may apply changes more broadly than intended. Referencing the visual by its title or the measures it contains helps avoid this.

If a follow-up prompt produces an unexpected result, use the Undo button in Power BI Desktop to step back and try a more specific prompt. Do not keep layering prompts onto a result you are not happy with. Starting fresh from the last good state, with a cleared chat history, is almost always faster.

Step 5: Add a Narrative Summary Visual using Power BI Copilot

A useful but often overlooked feature of Power BI Copilot is the ability to add a narrative summary visual to a report page. This is a text-based visual generated by Copilot from the page’s data.

To add one, select the Narrative visual from the Visualizations pane. Once the visual is placed on the canvas, you will see a prompt inside it to generate a summary with Copilot.

Before generating, note that the narrative pane includes a link to the Copilot terms. If you use this feature in an organizational context, take a few minutes to review these terms and ensure they align with your organizational requirements before proceeding. This is easy to skip, but it is worth being aware of, especially how data is processed when generating the narrative.

After reading the Copilot terms, select the Copilot option, and Copilot will produce a written summary of the data currently visible on the page.

A few things worth knowing:

You can scope the summary. By default, Copilot attempts to summarize the full page, but you can prompt it to focus on specific visuals or questions.

For example:

“Summarize the year-over-year performance by product.”
“Highlight which products are underperforming compared to last year.”
“Focus on the regional breakdown and call out any significant differences.”

The summary responds to slicer selections. If a user filters the page by region or product, the narrative updates to reflect the filtered data. This makes it useful on pages where the audience is expected to explore the data themselves.

It is a starting point, not a finished output. The language Copilot produces is functional but often generic. Treat it as a draft. You can refine it using follow-up prompts within the narrative visual.

One thing that is easy to miss is that the narrative visual is separate from the Copilot pane. Follow-up prompts for the narrative are entered directly in the visual, not in the main Copilot pane on the right.

Step 6: Refine and Finish Manually

This is where Copilot hands off to the developer, and it is an important handoff to recognize. The pages Copilot generates are a starting point, but not production-ready. Expecting them to be is the most common source of disappointment with the tool.

Here is what typically needs manual attention after Copilot has done its part:

Layout and spacing. Copilot places visuals on the canvas in a functional arrangement, but it is rarely the arrangement you would choose yourself. Resizing and repositioning visuals can significantly affect how the finished page reads.

Formatting and theming. Copilot applies the report theme styling when generating pages, but often needs some manual adjustments. Individual visual formatting, fonts, colors, and axis labels will still need attention.

Slicers and cross-filter behavior. Copilot will add slicers where it thinks they are appropriate, but the placement, style, and cross-filter configuration usually need to be reviewed. Check that slicers interact with the correct visuals and that the filter behavior matches the report’s intended behavior.

Visual titles and labels. The titles Copilot generates are descriptive but often verbose. Cleaning these up to match your audience’s language makes the report feel more polished and intentional.

Measures and field selections. It is worth checking the Build pane on each visual after generation to confirm that Copilot has used the right measures and fields. In most cases, it will be close, but it is not always exact, particularly on more complex semantic models.

The overall pattern is straightforward. Use Copilot to quickly get from a blank canvas to something reviewable, then use your judgment to finish and make it production-ready. The two parts complement each other well when treated as separate phases rather than expecting Copilot to do everything.

Wrapping Up

Power BI Copilot will not design your report for you. But it will get you off the blank canvas and into something reviewable faster than starting from scratch, and that is where most of the value sits.

The workflow covered in this post follows a natural progression.

Use “Suggest content for this report” when you need a starting point and are not sure how to structure the pages.
Switch to direct prompts when you know what business question a page needs to answer.
Use follow-up prompts to refine what Copilot generates, with the understanding that some changes will need to be made manually. Add a narrative visual that adds context for the audience.
Then finish the report the way you always have, with manual formatting, layout polish, and a final review of every measure and field selection.

The honest summary: Copilot is a useful first-draft tool. The pages it generates will not be ready to publish, but they will be a better starting point than a blank canvas and, in most cases, will surface the right visuals and fields without requiring you to specify every detail. That is a meaningful time-saving for anyone building reports regularly.

Power BI Copilot also has a clear ceiling. Structural edits to complex visuals, precise layout control, and anything requiring deep knowledge of your report design standards still need a developer’s hand. Knowing this ceiling lets you use Copilot where it adds value and move on quickly when it does not.

The sample report is available at the link below!

GitHub – Power BI’s AI Toolkit

In an era where AI is moving from experimental to essential, this toolkit is designed to help Power BI developers explore AI workflows, learn Power BI AI tools, and get started on their journey to modernize the way they build!

What’s Next

Power BI Copilot covers a lot of ground when you stay within the built-in experience. But both posts in this series so far have operated within the same boundary: what is possible inside the tool itself.

Post #1: Power BI’s AI Toolkit: Evaluating Copilot for DAX Development in Power BI Desktop

The next two posts step outside that boundary entirely:

AI-Assisted Development: stepping outside Power BI Desktop to pair a more capable AI interface with direct, programmatic access to the semantic model. Two practical approaches that will be explored here: VS Code with GitHub Copilot and the Power BI MCP Server, and Claude Desktop with MCP Servers, both of which unlock capabilities that the built-in Copilot pane cannot match.
Agentic Development: the most advanced tier, where community projects like GitHub – data-goblin/power-bi-agentic-development and articles such as Introducing AI and agentic development for Power BI explore what fully autonomous Power BI development workflows look like when agents plan and execute tasks end to end.

Thank you for reading! Stay curious, and until next time, happy learning.

And, remember, as Albert Einstein once said, “Anyone who has never made a mistake has never tried anything new.” So, don’t be afraid of making mistakes, practice makes perfect. Continuously experiment, explore, and challenge yourself with real-world scenarios.

If this sparked your curiosity, keep that spark alive and check back frequently. Better yet, be sure not to miss a post by subscribing! With each new post comes an opportunity to learn something new.

Automate Power BI Refresh with Power Automate and SharePoint

July 25, 2025July 25, 2025emguyant Leave a comment

Learn how to trigger Power BI dataset refreshes automatically using Power Automate when new files are added to SharePoint.

We have created a Power BI report that connects to a SharePoint folder where our team uploads new files every month. The process is simple: upload the file, refresh the report to incorporate the latest data, and then view the updated report.

But our users view the report, and then the messages begin
“Is the report updated yet?”
“Do I need to refresh it?

Manual refreshes could work, but it can also be challenging to manage and they are often overlooked. Scheduled refreshes present another option. However, they may not always be suitable. These refreshes occur on a fixed schedule, regardless of whether the data has changed. As a result, we may refresh too early and miss the new file, or we may refresh too late, leading users to view outdated information.

This post will explore an event-driven approach that aligns our report updates with the addition of new files.

With Power Automate, we can automatically trigger a dataset refresh when (and only when) a new file is added to our SharePoint source. This event-based refresh ensures our reports remain in sync with our data.

The Workflow

The Scenario

Let’s say we maintain a Power BI report that tracks product reviews. Each month, a CSV file is delivered, which the product team uploads to SharePoint. Once the file is uploaded, it is appended to our Power BI dataset, incorporating the reviews from the previous month.

The delivery and upload of files are manual processes that occur on the first weekday of each month. We could schedule the report refresh, but we need to determine the best frequency. Should we refresh it daily? If we do, we might refresh the report 30 times in a month without any new data. Alternatively, if we choose a weekly refresh, users may have to wait longer to access the latest information.

We will use Power Automate to monitor the SharePoint document library. By utilizing the When a new file is created trigger, the workflow starts automatically whenever a new file is added. This process refreshes the dataset and can even send a notification with a link to the updated report once it’s complete.

Build the Flow

The workflow is divided into three main sections: the trigger, refresh, and notification.

Trigger & Setup

We start with the When a file is created (properties only) SharePoint trigger, configured to the site and library where our file is uploaded. If necessary, we can utilize trigger conditions to prevent unnecessary refreshes.

The workflow uses two variables to verify that the refresh has completed before notifying users.

LastRefreshTime: tracks the current timestamp of the last dataset refresh.
RefreshRequestTime: stores the timestamp at which the flow starts the refresh.

Refresh the Dataset

We then use the Refresh a dataset Power BI action to trigger the report update. This action targets the specified workspace and dataset.

Note: the Power BI dataset includes a reference table called Last Refresh DateTime , which stores the timestamp (DateTimeZone.utcNow()) for when the dataset was last refreshed.

After initiating the refresh, we add a Do until loop that waits for the refresh to complete. The loop actions include:

Delay 30 seconds between checking the LastRefreshTime
Execute a query against the dataset to retrieve the Last Refresh DateTime value (DAX Query: EVALUATE Last Refresh DateTime)
Update the LastRefreshTim variable.

The loop repeats until the LastRefreshTime value is greater than the RefreshRequestTime.

Notify Users

After the refresh is complete, the workflow sends a confirmation email using the Send an email action. This email can be directed to the report owners or a shared inbox to confirm that the data is up to date. It can even include a link for users to view the report.

Tips for a More Reliable Setup

Here are some tips to enhance the reliability of our refresh automation.

Structure files consistently

Maintaining a consistent naming convention for files used in our automation reduces confusion and provides options for additional filtering within the workflow. It also simplifies our Power Query transformations.

Add retry logic and error handling

Delays and errors are inevitable, so it’s important to plan for them in advance. Incorporate branching or error-handling logic to notify the appropriate individuals when issues arise. For guidance on creating a dynamic failure notification system, see Elevate Power Automate Error Handling with Centralized Failure Notifications.

Keep the refresh lightweight

Avoid complex refresh dependencies. Preprocess large files or utilize staging tables to maintain the responsiveness and efficiency of our Power BI model.

Test with testing files first

Before automating production reports, upload sample files and verify the entire process to ensure accuracy. Confirm that the refresh timestamp updates correctly and that notifications are received as expected.

Try This Next

After automating our refresh process, the next step is to clean and shape the incoming data in a consistent and repeatable manner. Power Query parameters and functions simplify this task, enabling us to reuse common logic across different files. For instance, we can easily set data types, remove duplicates, and format text fields.

Explore Power Query Functions: Building Flexible and Reusable Data Cleaning Routines. This resource provides a step-by-step approach to enhance the clarity and maintainability of our data pipeline.

Automate once. Refresh forever.

Manually refreshing datasets is only effective for a small number of reports serving a limited team. As our data expands and more users depend on timely insights, automation becomes crucial.

Scheduled refreshes are beneficial when new data arrives consistently or continuously. However, if our report data does not fit this scenario, scheduled refreshes will still run even if there are no updates to the data.

Our event-driven approach effectively addresses this scenario. Instead of estimating when to schedule updates, we implement a strategy that responds in real-time. By integrating SharePoint Online, Power BI, and Power Automate, we can create reliable and straightforward workflows that ensure our reports remain up-to-date and accurate.

Thank you for reading! Stay curious, and until next time, happy learning.

If this sparked your curiosity, keep that spark alive and check back frequently. Better yet, be sure not to miss a post by subscribing! With each new post comes an opportunity to learn something new.

Power BI Object-Level Security Explained: Control Table and Column Access by Role

May 6, 2025May 7, 2025emguyant Leave a comment

Learn how to hide entire tables and columns in Power BI—so sensitive data stays protected and users see only what they need.

This is the third part of a series on security and design approaches in Power BI.

In the article Power BI Row-Level Security Explained: Protect Data by User Role, we examined Row-Level Security (RLS) and how to restrict access to specific rows of data based on the user’s identity.

Power BI Row-Level Security Explained: Protect Data by User Role

Discover how to personalize your reports and show each user only the data they require in just a few clicks.

In the article Partial RLS Explained: Let Users See the Bigger Picture, we explored Partial RLS, a design pattern that allows users to view high-level context, such as company-wide totals, while still enforcing Row-Level Security (RLS) on detailed sales data.

Power BI Partial RLS Explained: Let Users See the Bigger Picture

Explore how to deliver personalized insights without losing the bigger picture.

We will now focus on another important aspect of data model security: Object-Level Security (OLS).

While RLS controls which rows within a table a user can access, OLS restricts visibility and interaction with specific tables and columns within the data model.

In this post, we will cover the following topics:

An overview of Object-Level Security (OLS)
A use case demonstrating how different user roles can view different data model objects
A step-by-step guide to implementing OLS
Key considerations and limitations

What is Object-Level Security

In Power BI, Object-Level Security (OLS) enables data modelers to restrict access to specific tables or columns based on the roles assigned to report viewers.

The key difference between RLS and OLS lies in what they restrict:

RLS controls which rows of data a user can access within a table.
OLS determines whether a user can see the table or specific columns.

OLS cannot be used to secure or hide measures directly. However, measures are impacted by OLS. If a measure references a column or table that is hidden for a specific role, the measure will also be automatically hidden for that role. It is important to consider this when designing experiences tailored to specific roles.

Power BI manages these data dependencies for us, ensuring that calculations based on secured data remain safe from exposure. However, there is a potential risk that some visuals in our report may not display correctly for viewers who do not have access to specific measures.

Use Case: Hide Reviews Tables and Sensitive Customer Columns

To examine and understand the value of OLS, let’s go through a scenario using a sample report.

Interested in following along? The Power BI sample report is available here: EMGuyant GitHub – Power BI Security Patterns.

We are developing a Power BI report for a sales organization. The data model includes two restricted areas:

The Reviews table contains product reviews from customers and their demographic information.
The Customers table includes several columns with customer details that should only be accessible to specific roles.

Access Requirements
Access to the report is structured around four user roles.

The Regional Sales Basic role serves as the foundational level, providing minimal access. Users assigned this role can view sales data related to their sales region and basic customer information. They are restricted from viewing the Reviews table and the detailed customer information columns.

Next is the Regional Sales Advanced role. Users in this role have all the same access as Regional Sales Basic users but this role is able view the detailed customer information columns.

The Product Analyst role has access to the Reviews table but cannot view the detailed customer information columns. They can also view the sales and review data for any region they are assigned to.

Finally, there is the Leadership role. These users can see all the data for any region they are assigned.

Step-by-Step: Configure OLS in Power BI

After creating our data model and defining the tables and columns to which we plan to restrict access, we can begin configuring OLS.

To configure OLS, we will use the Tabular Editor Power BI external tool. There are many external tools for Power BI Desktop; visit Featured open-source tools to view a list of common and popular external tools.

Tabular Editor is a lightweight tool that allows us to build, maintain, and manage tabular models efficiently.

1) Create Roles in Power BI Desktop
In Power BI Desktop, we navigate to the Modeling tab and select “Manage Roles.” We then create the four roles using the following DAX expression for RLS filtering on the User Access table. This table contains the user’s User Principal Name (UPN), region ID, and role for that region.

'User Access'[UPN] = USERPRINCIPALNAME()

2) Open Tabular Editor and Configure OLS
We navigate to External tools in Power BI Desktop and then open Tabular Editor. Under Model, select Roles. The roles we created in Step 1 will appear.

We expand the Table Permissions to set the permissions for each role we want to configure OLS for.

None: OLS is enforced, and the table or column is hidden from that role.
Read: The table or column is visible to the role.

3) Secure Specific Tables
To configure OLS for the Reviews table, we need to ensure that only users with the Product Analyst or Leadership roles have access to this table.

First, select the Reviews table and navigate to Object Level Security options under Translations, Perspectives, and Security. Set the permissions to “None” for the Regional Sales Basic and Regional Sales Advanced roles.

4) Secure Specific Columns
Next, we secure the Address, PreferredContactMethod, and ContactInformation columns within the Customers table. To do this, we locate the Customers table and expand it to view its columns.

Then, we select each column we want to secure and set each role’s permissions under Object Level Security. For each column above, we set the permissions for the Regional Sales Basic and Product Analyst roles to None.

Once we finish configuring our OLS rules, we save the changes in Tabular Editor and then publish the semantic model to the Power BI service. Depending on our combination of RLS and OLS, testing within Power BI Desktop using the View as > Other user will not function as expected. We will test and validate our OLS rules in the Power BI Service.

Note: If using the sample report, before testing in the Power BI Service the UPN column within the User Access table will have to contain valid user UPNs.

5) Assign Users to Roles in the Power BI Service
To add users to a role in the Power BI Service, we need to navigate to the workspace where the semantic model has been published. First, locate the semantic model, click on the “More options” ellipsis (…), and then select “Security.”

In the Row-Level Security screen, we can add users or security groups to each role we’ve created.

We have four users to test the OLS (with RLS) implementation:

Talia Norridge: Leadership role for all regions
Lena Marwood: Product Analyst for Europe and Asia regions
Jasper Kellin: Regional Sales Advanced for North America
Elara Voss: Regional Sales Basic for Asia

6) Test OLS Implementation
On the Security screen, we select the More options ellipsis (…) next to a role and then Test as role.

Then, at the top, we select Now viewing as and then Select a person to validate that the OLS rules function as expected.

Leadership Role
When we view the report as Talia Norridge in the Leadership role, we can see that all the regional sales information is displayed in the data cards at the bottom.

We confirm that Talia also has access to the Reviews table by hovering over the sales by product bar chart. The tooltip for this visual contains measures based on the product review data (e.g. average review rating).

Next, we verify that Talia has access to detailed customer information by hovering over a customer in the sales by customer bar chart. The tooltip for this visual shows the customer’s name and contact information (ContactInformation is a secured column).

Product Analyst Role
Reviewing the report as Lena Marwood in the Product Analyst role, we see that her assignment is limited to the Asia and Europe sales regions. As a result, the total sales value reflects only these regions, and the top performers on the North America data card are hidden.

We confirm that Lena can access the Reviews table by checking the sales by product tooltip, and we see that, like the Leadership role, the data appears as expected.

We confirm that Lena should not have access to detailed customer information. When we hover over the sales by customer visual, the tooltip shows an error when displaying the customer’s contact information.

The customer’s name is displayed without issue because this is not a secured column. However, Lena’s role does not have permission to access the ContactInformation column, which prevents the report from retrieving this data.

Regional Sales Advanced
When we view the report as Jasper Kellin, who holds the Regional Sales Advanced role, we confirm that the sales data only reflects his assigned region.

Next, we check the tooltips that display the review data and detailed customer information.

We verify that the review data produces the expected error because Jasper cannot access the Reviews table. As a result, he is unable to access the entire table and any measures that depend on it, such as the Average Score.

The Average Score measure is defined using the following DAX expression.

Average Score = AVERAGE(Reviews[SatisfactionScore])

After reviewing the customer sales data, we confirm that the contact information is presented in the tooltip to Jasper without any errors.

Regional Sales Basic
When we view the report as Elara Voss, who holds the Regional Sales Basic role, we confirm that the sales data only reflects their assigned region.

Next, we check the tooltips that display the review data and detailed customer information.

Both tooltips display the expected error since Elara does not have permissions to the Reviews table or the detailed customer information columns.

Considerations and Limitations

OLS in Power BI offers a robust layer of protection, but there are important limitations to consider before deploying it.

1) OLS applies only to users with the Viewer workspace role. Workspace members with Admin, Member, or Contributor roles have edit permissions on the semantic model, and OLS does not apply to them.

2) Combining OLS and RLS from different roles is not allowed; doing so may cause unintended access and generate an error.

3) Power BI automatically hides measures referencing a column or table restricted by OLS. Although Power BI does not offer a direct way to secure a measure, measures can be implicitly secured if they reference a secure table or column.

4) When users attempt to view visualizations dependent on a secured object with OLS configured, they encounter an error message. As a result, the report seems broken to these users. However, for specific roles this is expected. For example, the Regional Sales Basic role does not have permissions to the Reviews table, so it should not be available in the data set for these viewers.

BONUS: Mask Visual Errors and Control Page Navigation

When OLS hides a table or column, any visual that relies on that data will become unusable for users without access (refer to error message #4 above). While this error is anticipated, it may confuse users who might think the report is broken.

One possible workaround is to use a DAX measure and conditionally formatted shapes to cover the visual for users who cannot access the data.

In our sample report, we can create the following DAX measures to manage the visibility of the data on our tooltips.

Customer Detail Visible =
If([UserRole] <> "Regional Sales Basic", "#FFFFFF00","#f1f9ff")

Rating Detail Visible =
If([UserRole] = "Product Analyst" || [UserRole] = "Leadership", "#FFFFFF00","#f1f9ff")

We place a rectangle shape over the visuals that certain users cannot access, and then we conditionally format the fill color based on the measures.

It’s important to note that this is not an additional security layer or a replacement for OLS. This method only hides the error message to create a cleaner user experience.

However, this approach has a significant limitation. Our example works because the visuals underneath the shapes are not intended for user interaction. If the visuals are interactive for users with access to the data, the transparent shape overlay will prevent them from selecting or interacting with the visual. This means this workaround has a limited use case.

Certain design approaches can help manage which pages users can navigate to within a report. DAX-driven navigation buttons can create a user-friendly navigation experience, allowing users to navigate to the pages with data they have permission to view.

It’s important to note again that this approach does not provide security. However, it can help reduce the chances of users encountering error messages related to their access level based on typical report usage. Here is a brief walkthrough on this approach: RLS and OLS—Page Navigation.

While various design methods can enhance the user experience, OLS and RLS remain the only secure methods for controlling data access.

Wrapping Up

OLS in Power BI gives us a model-driven way to control access to specific tables and columns. Unlike Row-Level Security (RLS), which filters rows for authorized users, OLS prevents users from seeing certain objects of the model, removing entire tables and columns from the data experience.

When creating reports for broad audiences with different access needs, OLS can become essential to meet the requirements.

Thank you for reading! Stay curious, and until next time, happy learning.

If this sparked your curiosity, keep that spark alive and check back frequently. Better yet, be sure not to miss a post by subscribing! With each new post comes an opportunity to learn something new.

Photo by Gerrie van der Walt on Unsplash

Power Automate vs. Locked Files: A Smarter Way to Update Locked SharePoint Files

March 24, 2025March 25, 2025emguyant 4 Comments

How to Update Locked SharePoint Files Without Loops or User Headaches

The Hidden Workflow Killer: Locked Files in SharePoint

Imagine you have created a Power Automate workflow for a document approval process that updates a status property of the document to keep end users informed. The workflow operates smoothly until you encounter failures, with an error message stating, “The file <file_path> is locked for shared use by <user_email>“.

This is a common issue encountered in workflows that update file metadata while users have the file open or during co-authoring. Without proper error handling, users may not even realize that the workflow has failed, which can lead to confusion and increased support requests to resolve the workflow problem.

A common solution to this problem involves checking whether the file is locked and repeatedly attempting to update it until the lock is released.

In this post, we will explore a more practical approach. Instead of waiting for the file lock to be released, we can detect the lock, extract the source control lock ID, and use it to update the file without any user intervention, even when the file is in use.

The Waiting Game: Why Do Until Loops Leave Everyone Hanging

One workaround for a locked SharePoint file in Power Automate is to use a Do Until loop. The concept is straightforward: check if the file is locked, and if it is, use a delay action to wait before checking again. Repeat this process until the file becomes available. While it may not be the most elegant solution, it effectively gets the job done—at least sometimes.

Here is how this approach may look.

This process can be improved by identifying the user who has locked the file and sending them a notification to close it, allowing the workflow to continue. While this approach enhances the system, it still requires user intervention for the workflow to proceed.

In practice, this approach can be clunky. By default, it runs silently in the background and continues to loop without providing feedback to users. From their perspective, the workflow is broken. Users may attempt to retry the action, submit duplicate requests, or contact the workflow owner. When, in reality, the workflow is functioning as intended, it is simply waiting for the file to become available.

Even if notifications are sent to the user who has the file locked, the process still relies on that user to take action before it can proceed. If the user ignores the alert, is away or is out of the office, the process stalls. This type of automated update to file metadata should not depend on user action to function correctly.

The Upgrade: Skip the Wait and Update Locked Files Instantly

There is a more effective way to manage locked files without needing to retry failed updates or alert users to close their documents. Instead of waiting for SharePoint to release the lock, we can leverage some lesser-known features and properties of the files.

The key component of this approach is the LockedByUser file property. We can send an HTTP request to SharePoint using the lockedByUser endpoint to determine if the file is locked and by whom. More importantly, SharePoint also maintains a source control lock ID that can be used to override the lock in specific scenarios.

The process operates as follows: The workflow first checks if the file is locked by inspecting the lockedByUser response. If the file is locked, the workflow extracts the lock ID and then updates the file by passing the lock ID to SharePoint. If the file is not locked, it is updated as usual.

This method allows users to bypass waiting on the workflow. The file metadata is updated seamlessly, and the workflow moves to its subsequent actions.

Step-by-Step Guide to Implementing the New Approach

This method may seem technical, and while it is more complex than the Do until loop workaround, it is more straightforward than you might think.

Here is the workflow overview.

Get the file properties

The workflow starts by using the Get file properties action to retrieve all the properties of the file that triggered the workflow. We set the Site Address and Library Name and use dynamic content to select the ID from the selected file trigger.

Get lockedByUser Property

To retrieve the lockedByUser property value, we use the Send an HTTP request to SharePoint action. In this action, we set the Site Address to our SharePoint site and set the Method to GET. For the Uri, we use:

_api/web/lists('<documentlibrary_guid>')/items('<documentlibrary_itemId>')/File/lockedByUser

Finding the <documentlibrary_guid> for this action can be challenging. However, since we already have the Get file properties action, we can use Power Automate’s Code view to locate the required value.

Then, we use dynamic content for the <documentlibrary_itemId> to add the required ID value. Lastly, under Advanced parameters, we set the headers as follows:

{ 
   "Accept": "application/json;odata=nometadata", 
   "Content-Type": "application/json;odata=nometadata" 
}

Check the lockedByUser Response

When the file is locked, the response body of the HTTP request GET lockedByUser action indicates who has the file locked.

{
  "Id": 11,
  "IsHiddenInUI": false,
  "LoginName": "i:0#.f|membership|<user_email>",
  "Title": "<user_displayName>",
  "PrincipalType": 1,
  "Email": "<user_email>",
  "Expiration": "",
  "IsEmailAuthenticationGuestUser": false,
  "IsShareByEmailGuestUser": false,
  "IsSiteAdmin": false,
  "UserId": {
    "NameId": " ",
    "NameIdIssuer": " "
  },
  "UserPrincipalName": "<user_upn>"
}

The body contains the following information when the file is not locked.

{
  "odata.null": true
}

We use the odata.null property value in the Condition flow control to check if the file is locked.

We utilize the following function to include odata.null in the condition.

body('HTTP_request_GET_lockedByUser')?['odata.null']

Locked File Branch

If odata.null is not equal to true, our file is locked, and the workflow progresses down the True branch. We first need to obtain the source control lock ID to update the locked file.

You might be wondering where to find the lock ID. To view a list of file properties available within our workflow—beyond the basic properties returned by the Get file properties action—we add another Send an HTTP request to SharePoint action.

First, set the Site Address to our SharePoint site and choose “GET” as the Method. Then, use the following URI:

_api/web/lists('<documentlibrary_guid>')/items('<documentlibrary_itemId>')/File/Properties

*See the Get lockedByUser Property section to located <documentlibrary_guid> and <documentlibrary_itemId>

We can proceed to run a test of our workflow to examine the raw output of this request. In the output, we will see a list of available properties. The specific property we need is the value of vti_x005f_sourcecontrollockid.

Next, we will update the URI to select this particular property value.

_api/web/lists('<documentlibrary_guid>')/items('<documentlibrary_itemId>')/File/Properties?$select=vti_x005f_sourcecontrollockid

Once we have the required lock ID, we use another Send HTTP request to SharePoint action to perform the update. We set the Site Address to our SharePoint site and choose POST as the Method. Then, under the Advanced parameters, we select Show all to provide the necessary headers and body values.

For the Headers parameter, we use the following:

{ 
   "Accept": "application/json;odata=nometadata", 
   "Content-Type": "application/json;odata=nometadata" 
}

For the Body parameter, we will use:

{ 
   "formValues": [ 
      { 
         "FieldName": "ApprovalStatus", 
         "FieldValue": "In Process (Updated Locked File)" 
      } 
   ], 
   "sharedLockId": "body('HTTP_request_GET_sourcecontrollockid')?['vti_x005f_sourcecontrollockid']", 
   "bNewDocumentUpdate": true 
}

We dynamically utilize the lock ID within the Body parameter using this function.

body('HTTP_request_GET_sourcecontrollockid')?['vti_x005f_sourcecontrollockid']

Unlocked File Branch

If the file is not locked, we use the Send a HTTP request to SharePoint action to update the file. We configure the action the same way as the HTTP request used for the locked file, with the only difference being the body parameter.

Since the file is not locked, we do not include the sharedLockId property in the body parameter.

{ 
   "formValues": [ 
      { 
         "FieldName": "ApprovalStatus", 
         "FieldValue": "In Process (Updated Locked File)" 
      } 
   ], 
   "bNewDocumentUpdate": true 
}

Here is the workflow in action.

Continue the workflow with any Additional Actions

Once the update to the file metadata is complete, the workflow continues as usual. The file is updated directly, regardless of whether it is locked.

Although this approach requires some initial setup, once implemented, the workflow becomes more resilient and less dependent on unpredictable user behavior.

Wrapping Up

Locked SharePoint files can disrupt our Power Automate workflows, causing updates to stall and confusing users. Common fixes, such as using Do Until loops and notifications rely heavily on timing and user intervention.

The approach outlined here first checks if the file is locked. If it is, the method extracts the lock ID and sends an HTTP request to update the file with no retries or end-user intervention.

This workflow makes our workflow more efficient and reliable, enabling true automation without requiring any user action for the workflow to proceed.

Curious about the TRY Update document properties scope within the workflow?

Check out this post focused on Power Automate error handling and notifications.

Elevate Power Automate Error Handling with Centralized Failure Notifications

Learn how to create a dynamic failure notification framework across Teams channels with a centralized SharePoint setup.

Thank you for reading! Stay curious, and until next time, happy learning.

If this sparked your curiosity, keep that spark alive and check back frequently. Better yet, be sure not to miss a post by subscribing! With each new post comes an opportunity to learn something new.

Elevate Power Automate Error Handling with Centralized Failure Notifications

October 28, 2024November 1, 2024emguyant 4 Comments

Learn how to create a dynamic failure notification framework across Teams channels with a centralized SharePoint setup

Handling errors in Power Automate workflows can be challenging, especially when managing notifications across multiple flows. Adding contact details to each flow can become inefficient and difficult to maintain.

The Microsoft ecosystem offers various options and integrations to address these inefficiencies. In this approach, we will use a SharePoint list to centralize contact information, such as Teams Channel IDs and Teams Tag IDs. This method simplifies management and enhances our failure notification framework.

We will explore two methods. The first involves using Teams shared channels with @mentioning Teams tags to notify a specific group of users within our Power Automate Failure Notifications Teams team. The second method utilizes direct user @mentions in private Teams channels. Both methods employ a solution-aware flow, providing a reusable failure notification framework.

Power Automate Error Handling Best Practices

Before we can send failure notifications using our reusable framework, we first need to identify and handle errors within our workflows. It is essential to incorporate error handling into all our business-critical workflows to ensure that our Power Automate flows are resilient and reliable.

The configure run after setting is crucial for identifying the outcomes of actions within a workflow. It lets us know which actions were successful, failed, skipped, or timed out. By utilizing this feature, we can control how subsequent actions will behave based on the result of prior actions. Customizing these settings allows us to develop flexible and robust error-handling strategies.

Beyond using configure run after, there are important patterns that support effective error management in Power Automate:

Scoped Control (Try-Catch blocks): Grouping actions within the Scope control object aids in managing the outcomes of that set of actions. This method is valuable for isolating distinct parts of our workflow and handling errors effectively.

Parallel Branching: Establishing parallel branches enables certain workflow actions to continue even if others encounter errors. This approach allows us to run error-handling notifications or fallback actions concurrently with the primary process, enhancing the resilience of our flow and preventing interruptions.

Do Until Loop: For situations where actions may need multiple attempts to succeed, the Do Until control object permits us to execute actions until a specified success condition is met or a failure condition triggers our error-handling process.

These patterns collectively improve the reliability of our workflows by incorporating structured and consistent error handling. Identifying errors is just the first step; we must also notify the relevant individuals when a workflow encounters an issue so they can determine if further action or bug fixes are necessary.

Managing error notifications across multiple workflows can be difficult when contact information, such as an email address, is hardcoded into each individual flow. To address this, we will explore centralizing error notification details using a SharePoint list. This approach allows us to separate contact management from the flow logic and definitions.

The Final Solution in Action

Using Teams and Shared Channels with @mentioning Teams tags offers a practical and flexible solution. Teams tags enable us to group team members by their responsibilities, such as Development Team or workflow-specific groups. Using Teams tags makes it easy to alert an entire group using a single @mention tag.

In this example, we implement the Scoped Control (Try-Catch blocks) error handling pattern. This pattern groups a related set of actions into a scope, so if any action fails, we can handle the errors using an associated catch scope.

Here’s a basic flow that is triggered manually and attempts to list the members of a Teams Group chat.

When a non-existent Group chat ID is provided, the List members action will fail. This failure triggers the CATCH scope to execute. The CATCH scope is configured to run only when the TRY scope fails or times out.

When the CATCH scope executes, the flow filters the result of the TRY scope to identify which action failed or timed out using the following expressions:

From:
result('TRY_Teams_list_members_made_to_fail')
Criteria:
@or(equals(item()?['status'], 'Failed'), equals(item()?['status'], 'TimedOut'))

Next, the flow utilizes the reusable notification framework to send a notification to Teams identifying that an error has occurred and providing details of the error message. We use the Run a Child Flow action and select our reusable error notification workflow for this purpose. This workflow requires three inputs:

workflowDetails: string(workflow())
errorMessage: string(outputs('Filter_TRY_Teams_list_member_result')?['body'])
scopeName: manually entered

When this workflow is triggered, and the TRY scope fails, we receive a Teams notification dynamically sent to the appropriate channel within our Power Automate Failure Notification Team, alerting the necessary individuals using the Dev Team Teams tag and direct @mentioning the technical contact.

The advantage of this approach and framework is that the notification solution only needs to be built once, allowing it to be reused by any of our solution-aware and business-critical workflows that require error notifications.

Additionally, we can manage the individuals alerted by managing the members assigned to each Teams tag or by updating the technical and functional contact details within our SharePoint list. All these updates can be made without altering the underlying workflow.

Continue reading for more details on how to set up and build this error notification framework. This post will cover how the Power Automate Failure Notifications Teams team was set up, provide resources on Teams tags, demonstrate how to create and populate a centralized SharePoint list for the required notification details, and finally, outline the construction of the failure notification workflow.

Setting Up Teams

Our error notification solution utilizes a private Microsoft Team, which can consist of both shared and private channels.

Shared channels are a convenient and flexible option for workflows that are not sensitive in nature. By using shared channels, we can take advantage of the List all tags Teams action to notify a group with a single @mention in our error notifications.

For additional information on managing and using Teams tags, see the resources below:

Microsoft Learn – Manage tags in Microsoft Teams

Microsoft Support – Using tags in Microsoft Teams

Private channels should be used when the workflow involves more sensitive information or when error notifications need to be restricted to a specific subset of team members. In this case, the error notifications target specific individuals by using direct user @mentions.

Centralized Error Notifications Details with SharePoint

To improve the maintainability of our error notifications, we will centralize the storage of key information using a SharePoint list. This approach enables us to store essential details, such as functional and technical contacts, Teams channel IDs, Teams Tag IDs, workflow IDs, and workflow names in one location, making it easy to reference this information in our error notification workflow.

The SharePoint list will serve as a single source for all required flow-related details for our notification system. Each entry in the list corresponds to a specific flow. This centralized repository minimizes the need for hardcoded values. When teams or contact details change, we can simply update the SharePoint list without the need to modify each individual flow.

Steps to Create the SharePoint List

Create a New List: In SharePoint, create a new list with a descriptive name and an appropriate description.

Add Required Columns: Include all necessary required and optional columns to the new SharePoint list.

FlowDisplayName: identifies the specific flow that utilizes the error notification system we are creating.

FlowId: unique identifier for the workflow associated with the error notification system.

Technical Contact: the primary person responsible for technical oversight who will be notified of any errors.

Functional Contact: secondary contact, usually involved in business processes or operational roles.

TeamsChannelName: name of the Teams Channel where error notifications will be sent.

TeamsChannelId: unique identifier for the Teams Channel that the flow uses to direct notifications.

TeamsTagId: this field is relevant only for shared channel notifications and contains the ID of the Teams Tag used to notify specific groups or individuals.

Populate the List with Flow Details

Our failure notification system will send alerts using the Post message in a chat or channel action. When we add this action to our flow, we can use the drop-down menus to manually select which channel within our Power Automate Failure Notifications team should receive the message.

However, it’s important to note that the Channel selection displays the channel name for convenience. Using the peak code option, we can see that the action utilizes the Channel ID.

        parameters": {
            "poster": "Flow bot",
            "location": "Channel",
            "body/recipient/groupId": "00000000-0000-0000-0000-000000000000",
            "body/recipient/channelId": "00:00000000000000000000000000000000@thread.tacv2",
            "body/messageBody": ""
        }

The same applies when using the Get a @mention token for a tag. To dynamically retrieve the token, we need the Tag ID, not just the Tag name.

These key pieces of information are essential for our Failure Notification solution to dynamically post messages to different channels or @mention different tags within our Failure Notification team.

While there are various methods, such as peek code, to manually find the required values, this can become inefficient as the number of flows increases. We can streamline this process by creating a SharePoint Setup workflow within our Failure Notification solution.

This workflow is designed to populate the SharePoint list with the details necessary for the dynamic error notification framework. By automatically retrieving the relevant Teams channel information and Teams tag IDs, it ensures that all the required data is captured and stored in the SharePoint list for use in error notification flows.

SharePoint Set Up Workflow

This workflow has a manual trigger and allows us to run the setup as needed by calling it using the Run a Child Flow action when we want to add our error notifications to a workflow.

The inputs consist of 6 required string inputs and 1 optional string input.

channelDisplayName (required): the channel display name that appears in Teams.
workflowId (required): the flow ID to which we add our error notifications. We can use the expression: workflow()?['name'].
workflowDisplayName (required): the display name of the flow to which we are adding our error notifications. We can manually type in the name or use the expression: workflow()?['flowDisplayName'].
technicalContact (required): the email for the technical contact.
functionalContact (required): the email for the functional contact.
workflowEnvironment (required): the environment the flow we are adding the error handling notifications to is running in. We can use the expression: workflow()?['tags']?['environmentName']
tagName (optional): the display name of the Teams tag, which is manually entered. This input is optional because the error notification solution can be used for Shared or Private Teams channels. However, @mentioning a Teams tag is only utilized for Shared channels.

Following the trigger, we initialize two string variables. The first ChannelId and the second TagId.

Get the Teams Channel ID

The next set of actions lists all the channels for a specified Team and uses the channelDisplayName input to extract the ID for the channel and set the ChannelId variable.

The Teams List channels action retrieves a list of all available channels in our Power Automate Failure Notifications Teams team. The Filter array action then filters this list based on the channelDisplayName input parameter.

The flow then attempts to set the ChannelId variable using the expression:
outputs('Filter_array_to_input_teams_channel')['body'][0]?['id'].

However, if the output body of the Filter array action is empty, setting the variable will fail. To address this, we add an action to handle this failure and set the ChannelId to “NOT FOUND”. This indicates that no channel within our Power Automate Failure Notifications team matches the provided input value.

To achieve this, we use the Configure run after setting mentioned earlier in the post and set this action to execute only when the TRY Set ChannelId action fails.

Get the Teams Tag ID

After extracting the Teams Channel ID, the flow has a series of similar actions to extract the Tag ID.

Create an item on the SharePoint List

Lastly, the flow creates a new item on our supporting SharePoint list using the flow-specific inputs to store all the required information for our error notification solution.

Reusable Error Notification Flow Architecture

As the number of our workflows increases, a common challenge is developing a consistent and scalable error notification system. Instead of creating a new notification process for each workflow, we can leverage reusable solution-aware flows across multiple workflows within our environment. This approach minimizes duplication and streamlines our error notification processes.

Flow Structure for Reusable Notifications

The reusable notification flow is triggered when an error occurs in another workflow using the Run a Child Flow action and providing the required inputs.

The notification workflow parses the details of the workflow that encounters an error, creates an HTML table containing the details of the error that occurred, and then sends the notification using the centralized SharePoint list created in the previous section and dynamically alerts the appropriate individuals.

Trigger Inputs & Data Operations

We can catch and notify responsible parties that an error occurred in a workflow by calling this notification flow, using the Run a Child Flow action, and providing the workflowDetails, errorMessage, and scropeName.

workflowDetails: string(workflow())
errorMessage: string(outputs(<FILTER_TRY_SCOPE_ACTION>)
scopeName: manually entered

After the trigger, we carry out two data operations. First, we parse the workflowDetails using the Parse JSON action and the expression json(triggerBody()?['text']) for the Content. Then, we create an HTML table using the information provided by our errorMessage input.

For the Create HTML table action, we use the following expressions for the inputs:

From:
json(triggerBody()?['text_1'])
Scope:
triggerBody()?['text_2'])
Action:
item()?['name']
Message:
concat(item()?['error']?['message'], item()?['outputs']?['body']?['error']?['message'],item()?['body']?['message'])

Retrieve Contact Information

The notification flow queries the centralized SharePoint list to retrieve the necessary contact details and Teams information associated with the workflow that encountered the error.

We begin this subprocess by using the SharePoint Get items action with the Filter Query:
FlowId eq 'body('Parse_workflowDetails_JSON')?['name']'.

Since each FlowID on our list should have only 1 record, we set the Top Count to 1.

Then, if our Power Automate Failure Notification Teams team uses Shared Channels, we use the Teams Get an @mention token for a tag and pass it the TagId stored within our SharePoint list using:
outputs('Get_SharePoint_list_record_for_flow')?['body/value'][0]?['TagId'].

If the notification team uses private channels, this action can be excluded.

Lastly, for both Shared and Private channel notifications, we use the Teams Get an @mention token for user action to get the token for the technical contact stored within our SharePoint list using:
outputs('Get_SharePoint_list_record_for_flow')?['body/value'][0]?['TechnicalContact']?['Email']

Send Teams Notification

Once we have retrieved the required contact details from SharePoint and Teams, the flow sends a notification to the appropriate Teams channel, notifying the relevant individuals. For Shared Channels, the message uses the @mention token for a Teams tag. If Private Channels are utilized, this should be removed from the flow and message.

Additionally, the message can be posted as the Flow bot when using Shared channels. However, when using Private channels, the message must be posted as User.

The flow dynamically sets the Channel using the ChannelId stored within our SharePoint list with the expression:
outputs('Get_SharePoint_list_record_for_flow')?['body/value'][0]?['ChannelId'].

The message begins by identifying the workflow in which an error was encountered and the environment in which it is running.

Error reported in workflow:
body('Parse_workflowDetails_JSON')?['tags']?['flowDisplayName'] {body('Parse_workflowDetails_JSON')?['tags']?['environmentName']}

Then, the message adds the HTML table created with the error message details using the following expression:
body('Create_HTML_table_with_error_action_and_message').

Finally, it notifies the contacts for the workflow by using the @mention tokens for the Teams tag and/or the technical contact. The message also provides the details on the functional contact using the expression:
outputs('Get_SharePoint_list_record_for_flow')?['body/value'][0]?['FunctionalContact']?['Email']

The notification process sends an informative and targeted message, ensuring all the appropriate individuals are alerted that an error has occurred within a workflow.

Reusability

This architecture enables us to develop a single workflow that can trigger error notifications for any new workflows, making our error handling and notification process scalable and more efficient.

By using this approach, we can avoid hardcoding notification logic and contact details in each of our workflows. Instead, we can centrally manage all error notifications. This reduces the time and effort needed to maintain consistent error notifications across multiple workflows.

Wrapping Up

This Power Automate error notification framework provides a scalable solution for managing notifications by centralizing contact information in a SharePoint list and leveraging solution-aware flows. Setting up a single, reusable notification flow eliminates the need to hardcode contact details within each workflow, making maintenance and updates more efficient.

The framework targeted two notification methods: Shared Teams channels with tags and Private Teams channels with direct mentions. This system ensures error notifications are delivered to the right individuals based on context and need.

Shared Channels with Teams Tags

This approach sends notifications to a shared Teams channel, with Teams tags allowing us to notify a group of individuals (such as a “Dev Team”) using a single @mention.

How It Works: The notification flow retrieves tag and channel details from the SharePoint list. It then posts the error notification to the shared channel, @mentioning the relevant Teams tag to ensure all tag members are alerted.

Advantages: This method is scalable and easy to manage. Team members can be added or removed from tags within Teams, so updates don’t require changes to the flow definition. This is ideal for notifying larger groups or managing frequent role changes.

Private Channels with Direct @Mentions

Private channels are used to send notifications directly alerting a technical contact when workflow and error details should not be visible to the entire Team.

How It Works: The flow dynamically retrieves contact details from the SharePoint list and posts the error notification to the private channel, mentioning the designated technical contact.

Advantages: This approach provides greater control over the visibility of the notifications, as access is restricted to only those users included in the private channel.

Each of these approaches is flexible and reusable across multiple workflows, simplifying the process of managing error notifications while ensuring messages reach the appropriate individuals based on the notification requirements.

Thank you for reading! Stay curious, and until next time, happy learning.

If this sparked your curiosity, keep that spark alive and check back frequently. Better yet, be sure not to miss a post by subscribing! With each new post comes an opportunity to learn something new.