cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
Li
Advocate I
Advocate I

Powerapps Permission/License and not working in Browser when conditional access rule enabled (block Management Azure Management)

‎04-04-2019 08:36 AM

Can anyone help me about the following questions...

1. We built a PowerApp and in order to allow everyone else in the organization to use it, we need to turn on their licnese under the business subscription (E3)? Does that mean, once users have licnese, they can also create apps within our company's domain (environment)?

 

2. The biggest issue we are facing is our internal tech support would like to block normal user access to Azure management portal (https://portal.azure.com) so they followed the article below and applied the conditional access to block the MS Azure Management for normal users. This does the job 

 

https://docs.microsoft.com/en-us/azure/role-based-access-control/conditional-access-azure-management

 

However, the PowerApps embeded in the SharePoint page are now asking for signing in. The domain user clicks sign in and will get an error.  Has anyone met similar issue? Really struggle with this and hard to find out the connection between PowerApps and Azure Management...

pa1.pngpa2.png 

 

Labels:
Message 1 of 4
774 Views
0 Kudos
3 REPLIES 3
v-monli-msft
Community Support
Community Support

‎04-05-2019 02:31 AM

Hi @Li ,

 

1. If you would like the user not be able to create App in the environments, then you may remove the user from the Environment Admin and the Environment Maker, only share the App (set with Can use permission) created in the Environments with the user.

Doing in this way would have those users only be able to use the App shared with them, but have no rights to create new app in the corresponding Environments.

 

For now, permission configured through the environments have two roles:

Environment Admin, Environment Maker.

Please check the Manage security for your environments part in the following article for more details:

Environments administration in PowerApps

"

The Environment Maker role can create resources within an environment including apps, connections, custom connectors, gateways, and flows using Microsoft Flow. Environment Makers can also distribute the apps they build in an environment to other users in your organization. They can share the app with individual users, security groups, or all users in the organization. For more information, seeShare an app in PowerApps.

"

2. What is the data source of this app? To access data inside the app, users must sign in and their account must have the proper permission on the data source. For more information, please refer to:

https://docs.microsoft.com/en-us/powerapps/maker/canvas-apps/share-app-resources

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Message 2 of 4
760 Views
0 Kudos
Li
Advocate I
Advocate I
In response to v-monli-msft

‎04-05-2019 04:26 AM

Thanks very much for looking into my questions! @v-monli-msft 

 

Regarding 1. I have already followed the links to remove user roles, however, they can still see the Create button from PowerApps portal, I noticed some people mentioned it's something to do with default environment? if that's ture, that means any user can create PowerApps in the default environment

pa3.pngpa4.png

 

Regarding 2. The app is talking to SharePoint Online lists, all other connections are Azure function (using API key), Outlook. It is still working on the standalone app (mobile/teams etc.) But giving the error from the embeded PowerApps web part on the SharePoint Online web page. I cannot understand why blocking Microsoft Azure Management will also block web access to PowerApps?

 

Thanks for your time!

Message 3 of 4
752 Views
0 Kudos

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Power Platform Call June 2022 768x460.png

Power Platform Community Call

Join us for the next call on June 15, 2022 at 8am PDT.

PA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

This training provides practical hands-on experience in creating Power Apps solutions in a full-day of instructor-led App creation workshop.

PA.JPG

New Release Planning Portal (Preview)

Check out our new release planning portal, an interactive way to plan and prepare for upcoming features in Power Platform.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All
Users online (1,794)