cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
localneeds2018
Frequent Visitor

Security Issue?: Cannot log *out* of PowerApps

I have reproduced with multiple browsers (Edge, IE, Chrome) using multiple tenants with multiple accounts (Global Admins, Service Admins, PowerApps user).

 

Steps to reproduce:

 

(let's pretend we have two tenants named ContosoA & ContosoB)

 

  1. Go to https://web.powerapps.com
  2. Log in with credentials for ContosoA
  3. Go to upper-right user icon and click to open the drop down
  4. Click on "Sign Out"
  5. Wait for the sign out process to complete
  6. Close all browser windows (including those not being used for PowerApps)
  7. Open browser again and go to https://web.powerapps.com

    After Step #7 there is no prompt to login. I am taken directly to my PowerApps workspace and allowed all the same access even though I formally signed-out and closed all browsers. There is no prompt to reauthenticate.

    To continue, I found this works in both directions (which is the really scary part for developers)

  8. Repeat steps 3-6
  9. Open browser and go to https://ContosoB.sharepoint.com
  10. Verify you are logged in with correct accout for ContosoB as expected (so far, so good)
  11. Click the waffle in the upper-left corner and selec the app PowerApps
  12. Wait the new tab containing the PowerApps workspace to load
  13. Look at the upper-right corner and see the account currently logged in for PowerApps
  14. Is it for ContosoB (as it should be) or is it for ContosoA?

 

For me, it's the latter. This doesn't happen using InPrivate browsing, so that's at least something. The bigger issue is, since I manually signed-out, it should at least be prompting me to sign in again. But that is not happening.

1 ACCEPTED SOLUTION

Accepted Solutions
Anonymous
Not applicable

I had a similar problem. I have two O365 Enterprise profiles (one for my work, one for a client's), and I couldn't get out of the client's profile. I use Chrome. Clearing cookies that have powerapps (there are half a dozen or so websites with powerapps name on it) allowed me to finally switch back to my work's environment.

View solution in original post

4 REPLIES 4
v-monli-msft
Community Support
Community Support

Hi @localneeds2018,

 

This is mainly because that you have chosen to remember the login and password when you login to PowerApps site for the first time. I sometimes also encounter this issue, I usually get around this by going to https://powerapps.microsoft.com/en-us/ and select GET STARTED FREE:
Capture.PNG

 

Then go step by step, where you could login with the new account.

 

Regards,

Mona

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

That doesn't address the very serious problem: Clicking 'Sign Out' and closing the browser does not actually sign you out. The 'Sign Out' function, by definition, should work regardless of whether I chose to remember my login when I first authenticated. This is especially bad since I can be logged into one tenant, click the 'PowerApps' icon there, and be auto-directed to a different tenant with no additional login prompt at all. Frankly, that's terrifying and sort of a show-stopper from a application security standpoint.

 

Anonymous
Not applicable

I had a similar problem. I have two O365 Enterprise profiles (one for my work, one for a client's), and I couldn't get out of the client's profile. I use Chrome. Clearing cookies that have powerapps (there are half a dozen or so websites with powerapps name on it) allowed me to finally switch back to my work's environment.

After reading this thread, I wouldn't consider this as 'Solved'. While I realize this was years ago, I am seeing this same behavior now. Did you ever get a resolution for this?

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Power Platform Call June 2022 768x460.png

Power Platform Community Call

Join us for the next call on June 15, 2022 at 8am PDT.

PA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

This training provides practical hands-on experience in creating Power Apps solutions in a full-day of instructor-led App creation workshop.

PA.JPG

New Release Planning Portal (Preview)

Check out our new release planning portal, an interactive way to plan and prepare for upcoming features in Power Platform.

Top Solution Authors
Top Kudoed Authors
Users online (3,465)