Customer security team has this question.
In Azure AD when they trying to give access to https://powerusers.microsoft.com/t5/Power-Apps-Community/ct-p/PowerApps1, they get this below (see attached), AAD consent.
Why Power Apps Community requires "Read all user's basic profiles"?
Security team is not too happy to provide this permission for the whole entire Corporate AAD.
Can anyone explain?
Hi @PrashantNayak ,
The reason why you met this problem is that powerapps need these information in many aspects.
For example, powerapps need read users' role to distinguish users' permission in PowerApps.
Role in Azure AD is in talent level, which means that it is valid in PowerApps too.
If you connect with Office 365 connector, it will need more profiles of Azure AD.
Office 365 Users lets you access user profiles in your organization using your Office 365 account.
What's more, in powerapps, if you want to share apps, you also need to know who is in your talent.
In default environment, you could view all apps in your talent. The Prerequisite is to know who is in your talent.
There are many usages of reading user's basic profiles in PowerApps.
So having this permission is very important.
Fill out a quick form to claim your user group badge now!
Find out where you can attend!
Features releasing from October 2019 through March 2020
Learn how to build the business apps that you need.