cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Making SQL Connector Secure

Problem

The biggest problem with developing PowerApps with Azure SQL Database is that we have to share the SQL Connector with each user of the app.

What that means is that each employee can bypass the app by creating their own app and adding this connector to their app (since it is shared). They get the ability to see all the tables and views in the database. Basically, everything there is in the SQL database, on top of that they also get the ability to edit the information in any way they please.

This is not an issue for non-confidential information and simple apps. However, we have plans to develop more complex apps with data that should not be seen by everyone who will be using the app. PowerApps is great as we can build custom logic on who sees what. However, since each employee can create a fake app and throw in the SQL connector that was shared with them, this means that all the security and complex data validation built in the app becomes useless.

 

Idea

I think the simplest solution would be to make the SQL Connector when sharing it, the user gets “Can use” permission, it would be great if we could give an even lower permission level like “Can use only in this App”. This would make it impossible for them to create fake apps and throw in this SQL Connector to see data they are not supposed to see.

OR

Another option would be that when user has “Can use” permissions on SQL Connector they would only be allowed to use it where the owner put that SQL Connection, making it impossible for them to drop this connection in their Apps or Flows.

 

 

Either one of those solutions would make PowerApps a lot more useful for a large number of corporations. This would definitely push PowerApps adoption for more complex systems and bring it above other similar platforms out there.

 

Please consider voting for this idea, really appreciate your support.

 

 

I had a previous idea which incorporated more data sources (Excel files, SharePoint Lists) which have the same problem where user can just by pass the App and go directly to the source to do unrestricted modifications. I understand that this idea is a lot harder to implement and might be even impossible to do due to the way PowerApps is built and integrated with the whole Office 365 environment.

Link to the old idea.

 

 

I think this new approach should be easier to implement with great benefits. What is your opinion on the matter?

6 REPLIES 6
Community Support Team
Community Support Team

Re: Making SQL Connector Secure

Hi @Anonymous,

 

Thanks for your feedback. For feature request related discussion, please submit an idea in the PowerApps Ideas forum, which would be a better place for others to see, discuss about the idea, and vote on it, so that it might be considered for future releases.
https://powerusers.microsoft.com/t5/PowerApps-Ideas/idb-p/PowerAppsIdeas

Regards,
Mona Li

Community Support Team _ Mona Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Meneghino
Level 10

Re: Making SQL Connector Secure

Thank you @Anonymous for pointing this out!

I had not noticed that the connection was available to all in the default environment!

As a work-around we now avoid the default environment.

Anonymous
Not applicable

Re: Making SQL Connector Secure

Hi @Meneghino

 

Glad you found this helpful.

 

Maybe you could help me with those questions:

 

Do I need any high-level access (System admin access rights) to Office 365 Suite to create environments or just having PowerApps Plan 2 will be enough?

 

Will all users in my organization be able to access all apps built on My Environment?

 

Users will not be able to access the SQL Connector and put it in their apps because the connector is attached to the environment and only I (or people with create rights) will be able to create apps in my environment?

 

 

 

 

Meneghino
Level 10

Re: Making SQL Connector Secure

Hi @Anonymous

Very helpful indeed.  Not an expert in the area you are asking about, but here goes.

 

Do I need any high-level access (System admin access rights) to Office 365 Suite to create environments or just having PowerApps Plan 2 will be enough?

 

NOT SURE
 
Will all users in my organization be able to access all apps built on My Environment?

 

IN OUR CASE, YES.
 
Users will not be able to access the SQL Connector and put it in their apps because the connector is attached to the environment and only I (or people with create rights) will be able to create apps in my environment?


I THINK SO

Anonymous
Not applicable

Re: Making SQL Connector Secure

Thanks @Meneghino

 

Maybe someone from Microsoft could confirm those points?

 

The main question is will all users in my org be able to access apps in my environment on default Office 365 Enterprise plan or they will need PowerApps Plan 1?

 

@v-monli-msft@CarlosFigueira @Audrie-MSFT @v-micsh-msft 

Highlighted
Rick72
Level 10

Re: Making SQL Connector Secure

Hi @Anonymous,

 

Do you still need help on this or do you already have your answers?

 

Robot Happy Rick

Helpful resources

Announcements
firstImage

PowerApps Monthly Community Call!

Join us next Wednesday for our Demo Extravaganza, October 16, 2019 8am PDT.

firstImage

Microsoft Business Applications Virtual Launch Event

Join us for an in-depth look at the new innovations across Dynamics 365 and the Microsoft Power Platform.

firstImage

Watch Sessions On Demand!

Continue your learning in our online communities.

Power Platform 2019 release wave 2 plan

Power Platform 2019 release wave 2 plan

Features releasing from October 2019 through March 2020

FirstImage

Power Platform World Tour

Coming to a city near you

thirdimage

PowerApps Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

FourthImage

Join PowerApps User Group!!

Connect, share, and learn with your peers year-round

SecondImage

Power Platform Summit North America

Register by September 5 to save $200

Top Kudoed Authors
Users Online
Currently online: 344 members 5,235 guests
Please welcome our newest community members: