Is there any plan to allow Apps to be shared with Outlook Distribution lists (not shared mailboxes) / AD groups / SharePoint security groups? It is PAINFULLY inefficient to share our apps with 360+ people EVERY time we create a new one.
We're a large organization so "sharing with everyone" is not an option. These are apps created for our team of 360+. If there's nothing in the pipeline, can someone tag a Microsoft rep/dev to get this on their radar? I know there's this help page but I'm not an Azure-AD expert (or a system admin) and wasn't able to do this.
Solved! Go to Solution.
Yes...70% is close...let's go to the 100% now!!
So, if your groups are standard groups in Office365, then
consider the following in the StartScreen property:
If(
LookUp(Office365Groups.ListOwnedGroupsV3().value, displayName="<yourGroupNameHere>", true),
mainAppScreenNameHere,
accessDeniedScreenNameHere
)
Note, with this you can just use the group name, you don't need to go hunt down the group ID.
Essentially - the ListOwnedGroupsV3 action will return any group that you are in (even though the name implies only the groups you "own"). So the formula here will just do a lookup on that returned table of groups and find the first group that has a displayName equal to what your group is. If it is found, then it will return true. If not, it will be false, and thus the If statement will then choose the appropriate start screen...either your main start screen or an "access denied" screen.
@Chris110 you can see if this has been posted in the Ideas Forum. If not you can add a post with your idea.
Regards,
-S
Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.
Please click Accept as solution if my post helped you solve your issue. This will help others find it more readily. It also closes the item. If the content was useful in other ways, please consider giving it Thumbs Up.
I wouldn't expect anything to address outlook distribution lists as they are a bit ambiguous.
As a suggestion...an easy solution is to allow all users access to your app, and then in the app, put logic in the startscreen property to determine if the person is in the group that you want. If not, show them a screen that they do not have access to the app.
It is not a 100% solution in all cases, but it does add a little level of flexibility to it and avoids the waiting game for new sharing features to be added.
I hope this is helpful for you.
I'd settle for a SharePoint Group or an AD group at this point to be honest...
Could you elaborate a bit on your proposed workaround? If I have a SharePoint site called "Test Site," a list called "Test List," and the group which gives users Contribute access is "Contributors," how would that look in the StartScreen property?
Or do I have to put all 360+ people in a separate list with their email addresses and use the "User().Email in..." function? (please say it's not that.........)
Well, you originally mentioned that they were in a distro list. I am assuming that is a group in your Office 365 tenant. So, you can just look for that membership in the group.
I would avoid the SharePoint user/group permissions as they are really kind of separate from the primary Office 365 environment (in fact there is a behind the scenes process that syncs the two). But if you define groups and users in the sharepoint environment, you aren't saving anything...that would still be 360+ changes.
However, if the 360+ people are already in a group, then you can check for that membership.
If that group is flagged as a security group as well, then you can add it in the Share part of the app and all the above is a moot point.
So we have people setup a few different ways (right, wrong, or indifferent) - Distribution List for emails and SharePoint groups for access to our SP sites. That's fine if I need to avoid using SP user/group permissions and need to focus on the distribution lists. I was just grasping at all straws available to make this work!
I played around a little bit after doing some research and I think I'm about 70% of the way there. Here's what I did:
0. Went into the Azure portal to get the group id for the distribution list.
1. Created a Gallery with Items property = Office365Groups.ListGroupMembers("group id").value
2. Added a Label with Text property = ThisItem.mail
This resulted in a full list of everyone in the distribution list (and why I think 70% is fair! lol)
Question is - how can I filter the list by User().Email? Or any other method for that matter?
Thanks for all of your help with this one! Definitely seems VERY complicated and a learning experience for me. I'll be following @sperry1625's advice and posting in the Ideas area as well - this is a real pain in the neck!
Yes...70% is close...let's go to the 100% now!!
So, if your groups are standard groups in Office365, then
consider the following in the StartScreen property:
If(
LookUp(Office365Groups.ListOwnedGroupsV3().value, displayName="<yourGroupNameHere>", true),
mainAppScreenNameHere,
accessDeniedScreenNameHere
)
Note, with this you can just use the group name, you don't need to go hunt down the group ID.
Essentially - the ListOwnedGroupsV3 action will return any group that you are in (even though the name implies only the groups you "own"). So the formula here will just do a lookup on that returned table of groups and find the first group that has a displayName equal to what your group is. If it is found, then it will return true. If not, it will be false, and thus the If statement will then choose the appropriate start screen...either your main start screen or an "access denied" screen.