cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
MZSR
Level: Powered On

Incorrect or misleading information related to app connection security?

Hi,

 

Is it me or is the information related to app connection security outlined here blatantly wrong (or old)?

 

PowerApps and Flow ensure that your data is secure because they connect to external services on behalf of users. So only authorized users can access your data with authorization decisions based on the user’s identity. It’s impossible for a flow or app to perform an operation in a service for which the creator does not have permissions.

 

Even when users grant other users access to a flow or app, access to the data is not shared when sharing an app. Users must provide their own credentials to create their own non-shared connection to the data sources. Users can share their flows or apps with other authenticated users in their organizations, and each user provides their own credential to create their own (non-shared) connection to the data sources.

 

I agree this is the case for some connectors, but there are others to which the above definitely does not apply.

For example, the SharePoint connector does request the user of the app to login, however others apps (such as SQL Server or Twilio) only ask the user to trust the connection, after which the connection is made using the credentials set by the creator of the app.

 

Does anyone here know of an up-to-date article that explains the access management concept?

 

Cheers.

2 REPLIES 2
Community Support Team
Community Support Team

Re: Incorrect or misleading information related to app connection security?

Hi @MZSR,

 

About sharing resources used in the app, please check on below documentation:

https://docs.microsoft.com/en-us/powerapps/maker/canvas-apps/share-app-resources

"

Some types of connections, such as SQL Server, are shared automatically, but others require users to create their own connections to the data source or sources in the app.

"

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
MZSR
Level: Powered On

Re: Incorrect or misleading information related to app connection security?

Thank you. Is this still up to date? The first comment about the article being a little old worries me.

 

Has a list been published anywhere of connectors that can be shared / not shared?

Helpful resources

Announcements
thirdimage

Power Apps Super User Class of 2020

Check it out!

thirdimage

New Badges

Check it out!

thirdimage

Power Apps Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

sixthImage

Power Platform World Tour

Find out where you can attend!

Power Platform 2019 release wave 2 plan

Power Platform 2019 release wave 2 plan

Features releasing from October 2019 through March 2020

SecondImage

Difinity Conference

The largest Power BI, Power Platform, and Data conference in New Zealand

Top Solution Authors
Top Kudoed Authors
Users online (5,033)