cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Advocate I
Advocate I

Incorrect or misleading information related to app connection security?

Hi,

 

Is it me or is the information related to app connection security outlined here blatantly wrong (or old)?

 

PowerApps and Flow ensure that your data is secure because they connect to external services on behalf of users. So only authorized users can access your data with authorization decisions based on the user’s identity. It’s impossible for a flow or app to perform an operation in a service for which the creator does not have permissions.

 

Even when users grant other users access to a flow or app, access to the data is not shared when sharing an app. Users must provide their own credentials to create their own non-shared connection to the data sources. Users can share their flows or apps with other authenticated users in their organizations, and each user provides their own credential to create their own (non-shared) connection to the data sources.

 

I agree this is the case for some connectors, but there are others to which the above definitely does not apply.

For example, the SharePoint connector does request the user of the app to login, however others apps (such as SQL Server or Twilio) only ask the user to trust the connection, after which the connection is made using the credentials set by the creator of the app.

 

Does anyone here know of an up-to-date article that explains the access management concept?

 

Cheers.

2 REPLIES 2
Highlighted
Community Support
Community Support

Re: Incorrect or misleading information related to app connection security?

Hi @MZSR,

 

About sharing resources used in the app, please check on below documentation:

https://docs.microsoft.com/en-us/powerapps/maker/canvas-apps/share-app-resources

"

Some types of connections, such as SQL Server, are shared automatically, but others require users to create their own connections to the data source or sources in the app.

"

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Highlighted
Advocate I
Advocate I

Re: Incorrect or misleading information related to app connection security?

Thank you. Is this still up to date? The first comment about the article being a little old worries me.

 

Has a list been published anywhere of connectors that can be shared / not shared?

Helpful resources

Announcements
Ignite

Microsoft Ignite

This will be a conference that you do not want to miss!

secondImage

New Return to Workplace

Reopen responsibly, monitor intelligently, and protect continuously with solutions for a safer work environment.

August 2020 CYST Challenge

Check out the winners of the recent 'Can You Solve These?' community challenge!

Experience what’s next for Power Apps

Join us for an in-depth look at the new Power Apps features and capabilities at the free Microsoft Business Applications Launch Event.

Check this Out

Helpful information

Featuring samples like Return to the Workplace and Emergency Response Applications

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Top Solution Authors
Top Kudoed Authors
Users online (4,277)