cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
MKR17
Frequent Visitor

Authentication in Powerapps

Where and how does authentication happen when we login into microsoft cloud using my office credentials?

When I use my office email to login into powerapps what is the authentication process.

Do we have a copy of our AD(within our network) synced periodically to a copy in microsoft cloud?

Can we not maintain our AD copy in microsoft cloud and authenticate our credentials within our network and still be able to login to powerapps in cloud ?

 

Thanks

 

1 ACCEPTED SOLUTION

Accepted Solutions
v-xida-msft
Community Support
Community Support

Hi @MKR17 ,

Currently, within most of Microsoft Cloud services, it use Azure Active Directory (Azure AD, Microsoft's cloud identity service) as the authentication way.

More details about authentications within Office 365 cloud service, please check the following article:

https://docs.microsoft.com/en-us/office365/enterprise/about-office-365-identity

 

When you sign in PowerApps first time, it would ask you to provide your email address, then password. When you click "Submit" button, it would send a http request to Azure Active Directory (Microsoft's cloud identity service), Azure Active Directory check the credentials you passed, if correct, return a Access_Token back to your client and your Client store the Access_Token within your browser.

After that, your client would send another http request along with the Access_Token to Azure Active Directory server, Azure Active Directory server check the Access_Token, if match, you would be authorized with permisson to access PowerApps.

 

Next time, you sign in PowerApps, you do not need to provide username (email) and password again, you could send an http request to Azure Active Directory server along with the Access_Token directly.

 

If you do not maintain our AD copy in microsoft cloud and authenticate our credentials within our network, I afraid that you could not able to login to PowerApps in cloud.

 

Best regards,

Community Support Team _ Kris Dai
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

2 REPLIES 2
v-xida-msft
Community Support
Community Support

Hi @MKR17 ,

Currently, within most of Microsoft Cloud services, it use Azure Active Directory (Azure AD, Microsoft's cloud identity service) as the authentication way.

More details about authentications within Office 365 cloud service, please check the following article:

https://docs.microsoft.com/en-us/office365/enterprise/about-office-365-identity

 

When you sign in PowerApps first time, it would ask you to provide your email address, then password. When you click "Submit" button, it would send a http request to Azure Active Directory (Microsoft's cloud identity service), Azure Active Directory check the credentials you passed, if correct, return a Access_Token back to your client and your Client store the Access_Token within your browser.

After that, your client would send another http request along with the Access_Token to Azure Active Directory server, Azure Active Directory server check the Access_Token, if match, you would be authorized with permisson to access PowerApps.

 

Next time, you sign in PowerApps, you do not need to provide username (email) and password again, you could send an http request to Azure Active Directory server along with the Access_Token directly.

 

If you do not maintain our AD copy in microsoft cloud and authenticate our credentials within our network, I afraid that you could not able to login to PowerApps in cloud.

 

Best regards,

Community Support Team _ Kris Dai
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Hi @v-xida-msft , 

Your explanation of the authentication flow was very helpful. But I was wondering if there is any possibility to pass an Access_Token to my PowerApp. 

My Power App runs in an mobile flutter application, where the user is already authenticated and has a valid token. The Power App runs in a web view (iFrame) and I don´t want the user to sign in again in the power app.

 

And is there something like an app registration in azure ad for a power app? I  saw it has an application id, but I could´t find it in our azure ad..

 

Thanks in advance!

Helpful resources

Announcements
Power Apps Africa Challenge 2022

Power Apps Africa Challenge

Your chance to join an engaging competition of Power Platform enthusiasts.

Super User 2 - 2022 Congratulations

Welcome Super Users

The Super User program for 2022 - Season 2 has kicked off!

September Events 2022

Check out all of these events

Attend in person or online, there are incredible conferences and events happening all throughout the month of September.

Government Carousel

New forum: GCC, GCCH, DoD - Federal App Makers (FAM)

In response to the unique and evolving requirements of the United States public sector, Microsoft has created Power Apps US Government.

Users online (2,308)