cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Frequent Visitor

How to get list of Azure AD groups where current users is member of?

I would like to get list of AD groups of current user. How to do it?

I would like to use AD groups for authorization like if is member of admin group or not and provide admin feature in PowerApps

 

 

4 REPLIES 4
Memorable Member
Memorable Member

Hi @kenny_i,

As far as I know there is no connector to lokal AD.

 

But there is connector to AzureAD that can be used for this (warning it is in Preview, so it can be changed).

Here is detailed description of this connector - https://docs.microsoft.com/en-us/connectors/azuread/ we are looking for function AzureAD.CheckMemberGroups. This function check membership of currently logged user against specific group. GroupID can be obtained from AzureAD.

 

UpdateContext() updates variable inside PowerApp that can be used in other parts of PA to enable/disable admin functions based on Azure AD group membership.

 

So the whole formula should look like this:

 

If(IsEmpty(
         AzureAD.CheckMemberGroups(User().Email,Table({Value:"This is where the group ID will go"}))
         ), 
   UpdateContext({ShowAdminLogin:false}),
   UpdateContext({ShowAdminLogin:true})
  )

Hope this is helpful.

P.

Do you mean that example checks if user belongs to certain AD group or not by GroupID?

 

Is it possible to get list of ad groups by current user? Let say "AdministorGroup", "FinanceGroup", "USGroup"?

Hi @kenny_i,

 

Yes.

 

Yes it is possible:

 

Set(valGroups;AzureAD.GetMemberGroups(User().Email;false));;
Set(valDisplayName;Concat(valGroups;AzureAD.GetGroup(Value).displayName;","))

First set is loading into variable "valGroups" all IDs of groups where current user is a member.

Second set is loading into variable "valDisplayName" by IDs stored in first variable name of such groups separated by comma.

 

P.

Hi again @kenny_i,

 

I got one small update. It is not possible to use Azure AD connector when you want to share app with standard users and nod administrators. This connector requires specific permission that have only tenant administrators.

 

There is need to create custom connector that will dig information about groups via Graph API. When working like this you can grant almost any permission (when you are tenant administrator) you want per custom connector you create....

 

Here is link to thread - https://powerusers.microsoft.com/t5/Connectors/Issue-with-Azure-AD-Connector/m-p/118771/highlight/fa...

 

P.

Helpful resources

Announcements
News & Announcements

Community Blog

Stay up tp date on the latest blogs and activities in the community News & Announcements.

Power Apps Community Call

Power Apps Community Call- January

Mark your calendars and join us for the next Power Apps Community Call on January 20th, 8a PST

PP Bootcamp Carousel

Global Power Platform Bootcamp

Dive into the Power Platform stack with hands-on sessions and labs, virtually delivered to you by experts and community leaders.

secondImage

Power Platform Community Conference On Demand

Watch Nick Doelman's session from the 2020 Power Platform Community Conference on demand!

Top Solution Authors
Top Kudoed Authors
Users online (4,178)