I share a reusable solution which Admins can use to change Canvas App and solution-aware Flow Owners programmatically. Not complicated, but pretty handy for Power Platform CoEs and Admins!

• Why Changing App and Flow Owners Matters
• How to Change App and Flow Owners
• The Ownership Updater
• Possible Uses

Why Changing App and Flow Owners Matters

Sharing a Flow or an App with another user does not change the main Owner of that Flow or App. However, there are situations when changing the main Owner of an App or Flow programmatically can be handy:

• The Main Owner is showing on the Maker Portal. To avoid confusion for Makers and End Users, it might be relevant to define which user shows as Owner.
  
• For Cloud Flows, the main Owner of the Flow is the account which needs to have the appropriate license. The API call consumption of a Flow is also measured against the entitlement of its Owner. If a Cloud Flow uses premium connectors or many requests, it is therefore helpful to control which account owns it.
• If you are leveraging the CoE Starter Kit, then the gathered inventory will show the Owner of the Flows and Apps in the tenant. There are many ways in which keeping this information up to date is important for governance.

How to Change App and Flow Owners

Before looking at the solution I am sharing, let’s list the methods available to change an App or Flow Owner.

• For Canvas Apps:
  • Admins can change the owner with PowerShell, the Power Apps for Admins connector, or the CoE Starter Kit and the “Set App Permissions” App, as Matthew Devaney describes in this article.
  • I also shared the Ownership Toolbox a little while ago as an easy way to share Apps with co-owners and change the main owners.
• For Cloud Flows:
  • We can only change the Owner of a Cloud Flow if it is in a Solution.
  • An Owner or Co-owner of the Flow can manually change the Principal Owner directly from the Portal, as described here. Proceeding this way will change the Owner and grant Co-ownership to the previous Owner.
  • From Power Automate, it is also possible to use the Dataverse connector to reproduce the same behaviour as from the Maker Portal, although it takes a few more steps.
  • Thanks to this Solution, the Ownership Toolbox can now also be used to change the main Owner of a flow!

The Ownership Updater

I created a simple solution to be able to easily change the owner of an App or Flow. The objective is to have a reusable child flow which Power Platform Admins anc CoEs can call at anytime and from anywhere to be fully flexible with regards to App and Flow Ownership management. As usual, I made the solution available in my GitHub repository alongside additional information for the set up.

This simple solution only comprises 3 child flows.

The Main Child Flow: Ownership Updater Child – Main

The “Ownership Updater Child – Main” child flow is the one which would be called from a custom flow by the Admins. It takes 5 input parameters:

• The object ID of the App or Flow to update
• The environment ID hosting the App/Flow
• Whether it is a Canvas App or a Cloud Flow
• Whether the current Owner should be Co-Owner after the change or should no longer have edit access
• The user who should be the New Owner

This child flow will then either call “Ownership Updater Child – Change Flow Owner” or “Ownership Updater Child – Change App Owner” according to the selected object type. Proceeding this way allows for more flexibility and add more object types in the future.

As outputs, this Main Child Flow returns 3 properties.

• “result”: either “Succeeded” or “Failed” and can be used to implement some error handling logic
• “reason”: gives additional details for some cases failures
• “flowurl”: the flow run URL of the child flow which completed the task, useful for troubleshooting

The App Child Flow: Ownership Updater Child – Change App Owner

It is a pretty simple Flow. First, the flow searches for the new Owner in the environment hosting the App to confirm that it is present. Then it uses the “Set App Owner” action from the Power Apps for Admin connector to set the Owner as required. This action also takes care of whether the previous owner should maintain co-ownership or not.

The Flow Child Flow: Ownership Updater Child – Change Flow Owner

The principle is the same as for the App Child Flow. The main differences are:

• It is using the Dataverse connector to manage the ownership directly in the “workflows” table of the environment.
• The previous Owner has to be dealt with separately. The unbound action “GrantAccess” takes care of granting them co-ownership if requested with the “makerCurrentOwnerCoOwner” input parameter.
• To change the Owner of the Flow, the Owner is directly updated in the Dataverse table with the Update a row in selected environment” Dataverse action.

Possible Uses

There are a few situations when the main child flow could be helpful, for example:

• In a Mover process when a Maker changes role in the organization. They could have a self-service App which would lead to the trigger of this flow to update the owner of all their Apps / Flows and hand them over to their replacement. It is worth noting that at this stage the Flow does not update the connection references though.
• To move the Ownership of Flows created by developer to a service account. The process to create Service Accounts can be slow in some organizations and developer might start to create the Flows with their normal accounts. Once the service account is provisioned, being able to easily update the owner of all relevant flows will save time.
• I am also thinking of continuing to improve it to have an option to indicate a solution and it would then browse through each solution components to update the Ownership accordingly. For another time!

There is not much more to it, just a simple solution to avoid having to reimplement the logic each time 😊.