Hi,
With the Office 365 Users-Connector you can get relevant poeple (https://docs.microsoft.com/en-us/connectors/office365users/#get-relevant-people ).
To see the relevant poeple for other users, you need the People.Read.All permission. (https://docs.microsoft.com/en-us/graph/people-example#browse-another-users-relevant-people )
How/Where can I change this permission? I don't want that everybody has this permission.
Solved! Go to Solution.
To finally close this topic:
Microsoft changed on 12 Oct 2020 the documentation concerning the GraphAPI and the "relevantPeople" and is now explaining the "working with future".
Sadly to say, that I find that by myself. The half year with support ticket was not helpful at all in this point. 😞
Links:
Hi @max81 ,
Graph API permission can be changed in Azure Portal.
Please refer to this docs: Microsoft Graph permissions reference and this video: Getting Started with Microsoft Graph and Consent Permissions which provides guidance about how to use the permissions.
However, since the Office365User Connector is a predefined API, so all user have the People.Read.All permission. There is no way to change the permission of Office365User Connector.
But, I think you can use some condition logic in PowerApps If you want to restrict some users from using this function.
For example:
If(
User().Email <> "Admin@Domain.com",
Notify("No Permission"),
Office365Users.RelevantPeople(User().Email).value
)
Hope this helps.
Sik
thanks @v-siky-msft for your answer!
Could you please check this again. I know some companies that also using this function in PowerApps and their users don't have access to the relevant people. So there must be a way to change the permission level of the users.
Your code doesn't help because most of the users in our company will build their own apps. And I cannot block the Office 365 User connector because it's one of the most needed one.
Hi @max81 .
My code doesn't block the Office 365 User connector, it just add a condition, for example, only admin have permission to run the RelevantPeople function.
Since the Office365 Connector is pre-defined, it is certain that there is no OOB to modify it.
As another workaround, You may try to create a new Custom Connector, then you are able to configure the Graph API permission.
Hope this helps.
Sik
Maybe there is a missunderstanding.
I don't want that users can see other users relevant people.
No matter if they use the Office 365 connector or Graph directly.
Nobody in the tenant should be able to see the relevant poeple of someone else.
Therefor I want to restrict the permission "People.Read.All".
Where can I change this permission?
So I don't want to change the Office 365 Users connector and I don't want to create a custom connector.
Hi @max81 ,
Please consider submitting a Support Ticket to Microsoft for further assistance.
Reference: Get Help + Support
Sik
I've created a Ticket and I'm waiting for an answer.
I'll post my feedback here.
To finally close this topic:
Microsoft changed on 12 Oct 2020 the documentation concerning the GraphAPI and the "relevantPeople" and is now explaining the "working with future".
Sadly to say, that I find that by myself. The half year with support ticket was not helpful at all in this point. 😞
Links:
User | Count |
---|---|
156 | |
90 | |
67 | |
63 | |
62 |
User | Count |
---|---|
212 | |
157 | |
96 | |
86 | |
76 |