Showing results for 
Search instead for 
Did you mean: 
Community Champion
Community Champion

Powerapps and Sharepoint Online Permissions



I created a PowerApp with a Sharepoint custom list as the data source. I granted all 315 users of the app "Site Member" status (R/W/E). 



  • The PowerApp has a LOT of validation in place (no blanks, min char counts for comments, etc.)
  • The Sharepoint URL leaked out and users have been creating new records DIRECTLY in the Sharepoint list instead of using the PowerApp
  • This has resulted in many partial records that make reporting impossible. 


  • How can I grant the correct permissions to allow users access to the Custom List but NOT give them permission to edit the Sharepoint list directly if they have the URL?


Thank you


WOW! The Kool-Aid is everywhere. All this to hack a SharePoint list and leave it vulnerable. Why not just leverage native custom list forms with no peripheral service dependencies and/or overall solution performance degradation while maintaining inherit current logged-in user context/security as well.

What if you create a Custom form for your list that has no function other than a message to use the app and add a launch link.  Then in the list settings prevent editing of the list via Quick edit.

Frequent Visitor

How do you stop the users opening the List in Power Bi/Excel and seeing everything that way?

Helper III
Helper III

@ericonline  I have a licensing question:

Do you buy 315 licenses for each user * $10?

Or there is some enterprise plan?

Thank you

Well,  note that it's it's $10  for one app, per user, per month.  

I'm surprised that no one mentioned about using Target Audience and losing the modern experience in SharePoint list.  Also don't see that it's not mentioned in the MS documentation about it's limitation... Love the idea of Target Audience since SP 2013 and still waiting for a bigger enhancement. 

Hi @Jeff_Thorpe 

If you can help, please, I have a request "for a user to be able to open a direct link to list item in PowerApps form without granting them access to the list. CONFRIMRING and checking if there any workaround. 
So, based on your answer above , users can't open a single direct item link in PowerApps form unless they have permission to the list??
The use case is we have a task tracker list(MSFT Lists) customized in PowerApps and sometimes it's needed to share an item link with managers so they can VIEW THE STATUS of the task(item). So we want the managers to be able to open an individual item in PowerApps form, but they shouldn't have access to whole list. 
Note: It's customized List in PowerApps , Not standalone.  I've posted the details here 
New Member

i am just wondering anyone find it there is a bigger disaster going to happen when you open MS List Apps.


All your list whether you hide or not hide is there and ready for view and edit.


Memorable Member
Memorable Member

Hi everyone!


Did anyone ever come up with a nice, bulletproof way to protect against users finding the Sharepoint URL and Creating/Editing/Deleting/etc. records? 


@WarrenBelz @RandyHayes 

Hi @seadude ,

Give the users a custom permission in SharePoint and remove "View Application Pages" and they will not be able to navigate to any view even if they know the URL.

Memorable Member
Memorable Member

This is awesome Warren! Testing now. Thank you so much for the insights!

Helpful resources

User Groups Public Preview

Join us for our User Group Public Preview!

Power Apps User Groups are coming! Make sure you’re among the first to know when user groups go live for public preview.

Power Apps Community Call

Monthly Power Apps Community Call

Did you miss the call?? Check out the Power Apps Community Call here!

Power Platform ISV STudio

Power Platform ISV Studio

ISV Studio is the go-to Power Platform destination for ISV’s to monitor & manage applications post-AppSource publish.

Top Solution Authors
Top Kudoed Authors
Users online (75,694)