cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
kenny_i
Frequent Visitor

How to get list of Azure AD groups where current users is member of?

‎05-22-2018 11:52 PM

I would like to get list of AD groups of current user. How to do it?

I would like to use AD groups for authorization like if is member of admin group or not and provide admin feature in PowerApps

 

 

Labels:
Message 1 of 5
7,589 Views
0 Kudos
Reply
4 REPLIES 4
vecerpa
Memorable Member
Memorable Member

‎05-23-2018 01:32 AM

Hi @kenny_i,

As far as I know there is no connector to lokal AD.

 

But there is connector to AzureAD that can be used for this (warning it is in Preview, so it can be changed).

Here is detailed description of this connector - https://docs.microsoft.com/en-us/connectors/azuread/ we are looking for function AzureAD.CheckMemberGroups. This function check membership of currently logged user against specific group. GroupID can be obtained from AzureAD.

 

UpdateContext() updates variable inside PowerApp that can be used in other parts of PA to enable/disable admin functions based on Azure AD group membership.

 

So the whole formula should look like this:

 

If(IsEmpty(
         AzureAD.CheckMemberGroups(User().Email,Table({Value:"This is where the group ID will go"}))
         ), 
   UpdateContext({ShowAdminLogin:false}),
   UpdateContext({ShowAdminLogin:true})
  )

Hope this is helpful.

P.

Message 2 of 5
7,580 Views
0 Kudos
Reply
kenny_i
Frequent Visitor
In response to vecerpa

‎05-23-2018 03:51 AM

Do you mean that example checks if user belongs to certain AD group or not by GroupID?

 

Is it possible to get list of ad groups by current user? Let say "AdministorGroup", "FinanceGroup", "USGroup"?

Message 3 of 5
7,576 Views
0 Kudos
Reply
vecerpa
Memorable Member
Memorable Member
In response to kenny_i

‎05-23-2018 04:55 AM

Hi @kenny_i,

 

Yes.

 

Yes it is possible:

 

Set(valGroups;AzureAD.GetMemberGroups(User().Email;false));;
Set(valDisplayName;Concat(valGroups;AzureAD.GetGroup(Value).displayName;","))

First set is loading into variable "valGroups" all IDs of groups where current user is a member.

Second set is loading into variable "valDisplayName" by IDs stored in first variable name of such groups separated by comma.

 

P.

Message 4 of 5
7,573 Views
0 Kudos
Reply
vecerpa
Memorable Member
Memorable Member
In response to kenny_i

‎05-24-2018 01:05 PM

Hi again @kenny_i,

 

I got one small update. It is not possible to use Azure AD connector when you want to share app with standard users and nod administrators. This connector requires specific permission that have only tenant administrators.

 

There is need to create custom connector that will dig information about groups via Graph API. When working like this you can grant almost any permission (when you are tenant administrator) you want per custom connector you create....

 

Here is link to thread - https://powerusers.microsoft.com/t5/Connectors/Issue-with-Azure-AD-Connector/m-p/118771/highlight/fa...

 

P.

Message 5 of 5
7,568 Views
Reply

Helpful resources

Announcements
News & Announcements

Community Blog

Stay up tp date on the latest blogs and activities in the community News & Announcements.

Power Apps Community Call

Power Apps Community Call- January

Mark your calendars and join us for the next Power Apps Community Call on January 20th, 8a PST

PP Bootcamp Carousel

Global Power Platform Bootcamp

Dive into the Power Platform stack with hands-on sessions and labs, virtually delivered to you by experts and community leaders.

secondImage

Power Platform Community Conference On Demand

Watch Nick Doelman's session from the 2020 Power Platform Community Conference on demand!

View All
Top Solution Authors
View All
Top Kudoed Authors
View All
Users online (4,178)