Can anyone help me about the following questions...
1. We built a PowerApp and in order to allow everyone else in the organization to use it, we need to turn on their licnese under the business subscription (E3)? Does that mean, once users have licnese, they can also create apps within our company's domain (environment)?
2. The biggest issue we are facing is our internal tech support would like to block normal user access to Azure management portal (https://portal.azure.com) so they followed the article below and applied the conditional access to block the MS Azure Management for normal users. This does the job
However, the PowerApps embeded in the SharePoint page are now asking for signing in. The domain user clicks sign in and will get an error. Has anyone met similar issue? Really struggle with this and hard to find out the connection between PowerApps and Azure Management...
1. If you would like the user not be able to create App in the environments, then you may remove the user from the Environment Admin and the Environment Maker, only share the App (set withCan usepermission) created in the Environments with the user.
Doing in this way would have those users only be able to use the App shared with them, but have no rights to create new app in the corresponding Environments.
For now, permission configured through the environments have two roles:
Environment Admin, Environment Maker.
Please check the Manage security for your environments part in the following article for more details:
The Environment Maker role can create resources within an environment including apps, connections, custom connectors, gateways, and flows using Microsoft Flow. Environment Makers can also distribute the apps they build in an environment to other users in your organization. They can share the app with individual users, security groups, or all users in the organization. For more information, seeShare an app in PowerApps.
2. What is the data source of this app? To access data inside the app, users must sign in and their account must have the proper permission on the data source. For more information, please refer to:
Regarding 1. I have already followed the links to remove user roles, however, they can still see the Create button from PowerApps portal, I noticed some people mentioned it's something to do with default environment? if that's ture, that means any user can create PowerApps in the default environment
Regarding 2. The app is talking to SharePoint Online lists, all other connections are Azure function (using API key), Outlook. It is still working on the standalone app (mobile/teams etc.) But giving the error from the embeded PowerApps web part on the SharePoint Online web page. I cannot understand why blocking Microsoft Azure Management will also block web access to PowerApps?