Security management question here for anyone with more expertise than me 😀
I'm building a Model driven app which will be a replacement for a bespoke legacy app that has a few thousand users
The legacy app had custom user management functionality built into it to allow Super Users to manage access and create new users
I know that we have the admin centre in Power Apps to manage users but I'm wondering if there's a way to setup security roles or teams for this app so that the Super Users can only create and manage other users within the same app and within the same environment?
I don't want to give them too much access that would give them access to other environments
Since I couldn't find a standard security role for this and didn't want to create a custom Power Apps one (not even sure if a custom security role could restrict access to functions within the Power Platform Admin centre, maybe a specific Microsoft/Office 365 security role could do this but I don't have access to this)
I discussed this with the client and they have accepted that this will have to be a business process change that user and security role administration for the custom Power app will be managed by their IT department going forward.
They are actually happier not having to do this themselves providing they can sign off on the new business process and are required to approve unusual access requests.