cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Advocate I
Advocate I

Incorrect or misleading information related to app connection security?

Hi,

 

Is it me or is the information related to app connection security outlined here blatantly wrong (or old)?

 

PowerApps and Flow ensure that your data is secure because they connect to external services on behalf of users. So only authorized users can access your data with authorization decisions based on the user’s identity. It’s impossible for a flow or app to perform an operation in a service for which the creator does not have permissions.

 

Even when users grant other users access to a flow or app, access to the data is not shared when sharing an app. Users must provide their own credentials to create their own non-shared connection to the data sources. Users can share their flows or apps with other authenticated users in their organizations, and each user provides their own credential to create their own (non-shared) connection to the data sources.

 

I agree this is the case for some connectors, but there are others to which the above definitely does not apply.

For example, the SharePoint connector does request the user of the app to login, however others apps (such as SQL Server or Twilio) only ask the user to trust the connection, after which the connection is made using the credentials set by the creator of the app.

 

Does anyone here know of an up-to-date article that explains the access management concept?

 

Cheers.

2 REPLIES 2
Highlighted
Community Support
Community Support

Re: Incorrect or misleading information related to app connection security?

Hi @MZSR,

 

About sharing resources used in the app, please check on below documentation:

https://docs.microsoft.com/en-us/powerapps/maker/canvas-apps/share-app-resources

"

Some types of connections, such as SQL Server, are shared automatically, but others require users to create their own connections to the data source or sources in the app.

"

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Highlighted
Advocate I
Advocate I

Re: Incorrect or misleading information related to app connection security?

Thank you. Is this still up to date? The first comment about the article being a little old worries me.

 

Has a list been published anywhere of connectors that can be shared / not shared?

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

Power Platform ISV Studio

Power Platform ISV Studio

ISV Studio is designed to become the go-to Power Platform destination for ISV’s to monitor & manage published applications.

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Tech Marathon

Maratón de Soluciones de Negocio Microsoft

Una semana de contenido con +100 sesiones educativas, consultorios, +10 workshops Premium, Hackaton, EXPO, Networking Hall y mucho más!

Top Solution Authors
Top Kudoed Authors
Users online (7,124)