cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
DanielMeyhoefer
Frequent Visitor

Different Access whether accessing via app and Backend

Dear Power Apps Community,

 

I have the following use case and am wondering whether this is possible:

I want to give anyone access to an app in my business unit, those people can then view&edit records for everyone who is their employee (if they have none they can see none). This check gets done via code (checking for GetManager API).

However in the Power Platform backend, I want only a select group to be able to view and edit the database (regardless of hierarchy).

 

The reason is simplicity. This way permission are taken care of automatically.

 

 

Thanks in advance! 😊

1 ACCEPTED SOLUTION

Accepted Solutions

@DanielMeyhoefer, your Azure AD admins have to create dynamic membership rules for users to create Dynamic Security Group https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership

 

 

If my reply helped you, please give a 👍 , & if it solved your issue, please 👍 & Accept it as the Solution to help other community members find it more.


I am primarily available on weekdays from 6-10 PM CT and 5-10 PM CT on weekends.


Visit my Blog: www.powerplatformplace.com


 

 

View solution in original post

5 REPLIES 5
AhmedSalih
Super User
Super User

Hello, @DanielMeyhoefer, If you create Azure AD security group for your (select group), you can create an Environment Team and link it to the AAD security group and give that team Service Read, Service Write, and Service Delete Access.

 

 

 

If my reply helped you, please give a 👍 , & if it solved your issue, please 👍 & Accept it as the Solution to help other community members find it more.


I am primarily available on weekdays from 6-10 PM CT and 5-10 PM CT on weekends.


Visit my Blog: www.powerplatformplace.com


 

 

 

 

 

Hi @AhmedSalih : Does that mean that everyone else is still able to vie the Canvas App and edit the data through the app?

@DanielMeyhoefer, Exactly, and you only have to share the apps with the Azure AD security Group.

 

 

If my reply helped you, please give a 👍 , & if it solved your issue, please 👍 & Accept it as the Solution to help other community members find it more.


I am primarily available on weekdays from 6-10 PM CT and 5-10 PM CT on weekends.


Visit my Blog: www.powerplatformplace.com


 

 

DanielMeyhoefer
Frequent Visitor

Can I not just share the app with everyone by default? In my org there are around 400k associates, would be crazy trying to put all of them into another security group. Or is that by default enabled?

@DanielMeyhoefer, your Azure AD admins have to create dynamic membership rules for users to create Dynamic Security Group https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership

 

 

If my reply helped you, please give a 👍 , & if it solved your issue, please 👍 & Accept it as the Solution to help other community members find it more.


I am primarily available on weekdays from 6-10 PM CT and 5-10 PM CT on weekends.


Visit my Blog: www.powerplatformplace.com


 

 

Helpful resources

Announcements
Power Apps News & Annoucements carousel

Power Apps News & Announcements

Keep up to date with current events and community announcements in the Power Apps community.

Community Call Conversations

Introducing the Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Apps Community Blog Carousel

Power Apps Community Blog

Check out the latest Community Blog from the community!

Users online (6,620)