Create a CSV file named users.csv with the following content
UserEmail,RoleName
user1@domain.com,Basic User
user2@domain.com,System Administrator
user3@domain.com,Sales Manager
------
# 1. Install module (only 1 time)
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell -Force
Install-Module -Name Microsoft.PowerApps.PowerShell -Force
# 2. Login tenant
Add-PowerAppsAccount
# 3. Find Env name
Get-AdminPowerAppEnvironment | select DisplayName, EnvironmentName
-----
Paste script
$envName = "<your-environment-name>"
$csvPath = "C:\users.csv"
$users = Import-Csv $csvPath
foreach ($u in $users) {
Write-Host "==== Processing $($u.UserEmail) ====" -ForegroundColor Cyan
$userObj = Get-AdminPowerAppUser -EnvironmentName $envName | `
Where-Object { $_.Email -eq $u.UserEmail }
if ($null -eq $userObj) {
Write-Host "❌ User not found in environment: $($u.UserEmail)" -ForegroundColor Red
continue
}
$role = Get-AdminPowerAppRole -EnvironmentName $envName | `
Where-Object { $_.DisplayName -eq $u.RoleName }
if ($null -eq $role) {
Write-Host "❌ Role not found: $($u.RoleName)" -ForegroundColor Red
continue
}
Add-AdminPowerAppRoleAssignment `
-EnvironmentName $envName `
-PrincipalId $userObj.ObjectId `
-RoleId $role.RoleId
Write-Host "✅ Added role '$($u.RoleName)' to $($u.UserEmail)" -ForegroundColor Green
}
---Just in case error
Get-ExecutionPolicy -List
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine
