With the Office 365 Users-Connector you can get relevant poeple (https://docs.microsoft.com/en-us/connectors/office365users/#get-relevant-people ).
To see the relevant poeple for other users, you need the People.Read.All permission. (https://docs.microsoft.com/en-us/graph/people-example#browse-another-users-relevant-people )
How/Where can I change this permission? I don't want that everybody has this permission.
Hi @max81 ,
Graph API permission can be changed in Azure Portal.
Please refer to this docs: Microsoft Graph permissions reference and this video: Getting Started with Microsoft Graph and Consent Permissions which provides guidance about how to use the permissions.
However, since the Office365User Connector is a predefined API, so all user have the People.Read.All permission. There is no way to change the permission of Office365User Connector.
But, I think you can use some condition logic in PowerApps If you want to restrict some users from using this function.
If( User().Email <> "Admin@Domain.com", Notify("No Permission"), Office365Users.RelevantPeople(User().Email).value )
Hope this helps.
thanks @v-siky-msft for your answer!
Could you please check this again. I know some companies that also using this function in PowerApps and their users don't have access to the relevant people. So there must be a way to change the permission level of the users.
Your code doesn't help because most of the users in our company will build their own apps. And I cannot block the Office 365 User connector because it's one of the most needed one.
Hi @max81 .
My code doesn't block the Office 365 User connector, it just add a condition, for example, only admin have permission to run the RelevantPeople function.
Since the Office365 Connector is pre-defined, it is certain that there is no OOB to modify it.
As another workaround, You may try to create a new Custom Connector, then you are able to configure the Graph API permission.
Hope this helps.
Maybe there is a missunderstanding.
I don't want that users can see other users relevant people.
No matter if they use the Office 365 connector or Graph directly.
Nobody in the tenant should be able to see the relevant poeple of someone else.
Therefor I want to restrict the permission "People.Read.All".
Where can I change this permission?
So I don't want to change the Office 365 Users connector and I don't want to create a custom connector.
Check out the on demand sessions that are available now!
Stay up tp date on the latest blogs and activities in the community News & Announcements.
Features releasing from October 2020 through March 2021
Check out the Power Platform Community Highlights