cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Advocate V
Advocate V

Office 365 Users with user's relevant people - how to change permission

Hi,

 

With the Office 365 Users-Connector you can get relevant poeple (https://docs.microsoft.com/en-us/connectors/office365users/#get-relevant-people ).

To see the relevant poeple for other users, you need the People.Read.All permission. (https://docs.microsoft.com/en-us/graph/people-example#browse-another-users-relevant-people )

 

How/Where can I change this permission? I don't want that everybody has this permission.

 
6 REPLIES 6
Community Support
Community Support

Hi @max81 ,

 

Graph API permission can be changed in Azure Portal.

Please refer to this docs: Microsoft Graph permissions reference  and this video: Getting Started with Microsoft Graph and Consent Permissions which provides guidance about how to use the permissions.

Snipaste_2020-07-10_11-15-33.png

 

However, since the Office365User Connector is a predefined API, so all user have the People.Read.All permission. There is no way to change the permission of Office365User Connector.

But, I think you can use some condition logic in PowerApps If you want to restrict some users from using this function.

For example:

If(
    User().Email <> "Admin@Domain.com",
    Notify("No Permission"),
    Office365Users.RelevantPeople(User().Email).value
)

Hope this helps.

Sik

thanks @v-siky-msft for your answer!

 

Could you please check this again. I know some companies that also using this function in PowerApps and their users don't have access to the relevant people. So there must be a way to change the permission level of the users.

 

Your code doesn't help because most of the users in our company will build their own apps. And I cannot block the Office 365 User connector because it's one of the most needed one.

Hi @max81 .

 

My code doesn't block the Office 365 User connector, it just add a condition, for example, only admin have permission to run the RelevantPeople function.

 

Since the Office365 Connector is pre-defined, it is certain that there is no OOB to modify it. 

As another workaround, You may try to create a new Custom Connector, then you are able to configure the Graph API permission.

Reference:https://toddbaginski.com/blog/how-to-make-a-custom-connector-for-powerapps-and-flow-that-calls-the-m... 

connector-auth.jpg

Hope this helps.

Sik

Maybe there is a missunderstanding.

 

I don't want that users can see other users relevant people.

No matter if they use the Office 365 connector or Graph directly.

Nobody in the tenant should be able to see the relevant poeple of someone else.

 

Therefor I want to restrict the permission "People.Read.All".

Where can I change this permission?

 

So I don't want to change the Office 365 Users connector and I don't want to create a custom connector.

 

 

 

Hi @max81 ,

 

Please consider submitting a Support Ticket to Microsoft for further assistance.

Reference: Get Help + Support 

Sik

I've created a Ticket and I'm waiting for an answer.

 

I'll post my feedback here.

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

News & Announcements

Community Blog

Stay up tp date on the latest blogs and activities in the community News & Announcements.

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Community Highlights

Community Highlights

Check out the Power Platform Community Highlights

Top Solution Authors
Top Kudoed Authors
Users online (13,005)