Thanks for the info. I didn't realize that the desktop app was different. I tried it and it does work for us also.
The problem is that we need to use our app as a mobile app for phones and other devices so it is still a show stopper for us.
I would like a status update on this usse. I heard that this was something to do with a https vs http issue from another post. I am in the process of doing a data migration that will get my data so sharepoint, which provides an https. However, upon trying my test migration data, I get the same issue as this post describes. The link loads in a browser, but I need it to show up in the pdf control. Please advise.
@martinav Our logs show that your PDF is not publicly accessible (i.e. you need to be logged in and authorized to access the PDF). The PDF control only supports publicly-hosted https:// PDFs today. To see if your PDF is publicly or privately hosted, please try to open your PDF's URL in a private or incognito browser window and see if the web address opens your PDF without prompting for credentials.
If you would like to use the PDF control, please move your PDF file to a public URL, provided that your PDF does not contain any sensitive information.
I think the issue is that your access to the site is going through a private authentication step behind the scenes. So, when you access it directly, you have no issues. But, PowerApps - as an application - doesn't have that authority. It should work if you put it on a site that is publically available and requires no more authentication than that which the PowerApp itself has access to.
For one, I cannot make it fully public. But, everyone who need to access it can on our internal network... or a VPN. I believe authentication is purely through MS AD. My access to everything is done simply through my Windows login. This is a small company and we do not have any complex authentication steps going on here. Even my on-prem gateway is done via Windows authentication.
Further, my entire Sharepoint document library where these files are located was build via a MS Flow routine using these same authentications. The same powerapps application is reading, and writing data to the same library file properties. However, loading the PDF file into the pdf control is the only thing that has caused an issue to this point.
For giggles, I found a random link online. Which, must be public...
Result is the same. No view comes up, "Open in my browser instead" yeilds the document.
One other requirement is that the server that hosts the PDF needs to accept CORS requests from PowerApps. This is a rather technical subject but basically it is a security mechanism to prevent websites from accessing servers that it is not allowed to. This is a separate issue from authentication. You can read more about PDF viewer's requirements here.
The server hosting https://pae-web.presonusmusic.com/downloads/products/pdf/Capture2_ReferenceManual_EN_05062018.pdf does not allow CORS requests. Try this one: https://cdn.mozilla.net/pdfjs/helloworld.pdf
Why does it work when the PDF is opened in a browser (or another tab)?
Browsers utilize cookies to perform authentication. So when the browser makes the request, it's not using PowerApps authentication tokens to authorize the request; it's using cookies stored by the browser for that domain. Additionally, CORS restrictions only apply when a website wants to communicate with another server on a different domain. Navigating to that server's resources directly on a browser has no CORS requirements.
Ok, so that one did work. So, this CORS request. You say there is no CORS requirement if in the same domain. With the web-based stuff... my powerapp and my sharepoint is all on the office365 could. My on-prem gateway actually is just to get to some SQL table data, that has nothing to do with my apps currently being discussed. Thus, everything resides within the company office365 account cloud based services. Our access to this data must remain exclusive to the office365 authentications. I was mistaken about our computer LAN authentications. Thus, AD is not involved. It is all within office365.
How does that differ? When on my phone, I am on my dataplan, and logged into the company office365. Everything in my applications work perfectly, as expected, with exception to the PDF viewer.
Is CORS only a factor with PDF viewing? What needs to be done to be sure our data stays secure with office365 authentications, and still have view capabilities of our PDF files?
Thank you for your help with this matter.