cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
R4isin
Advocate I
Advocate I

Connection Reference - best practice ?

Hello everybody,

 

I write this topic to learn better the use of the Connection Reference, in terms of Security/Licencing (the concept of the utility, I get it).

 

I'm currently busy with my customer which works exclusively in "low code" approach, and there is a lot of small apps (model driven or canvas app) to do. In other terms, we have a lot of different solutions which have a lot of Power Automates....

 

At the beginning, the connection reference was settled with a personal account from someone of the team. Ofc, we've understood quickly the problem about the maintenability and the security with a configuration like that. So now, we try to put in place a more secure and oob approach about these connections reference.


- For the "Dataverse steps" (inside the power automate), it's "easy" because we created some application users in Azure/Dataverse (one for each app and for each env. with a security role dedied to avoid to work with an application user which is "Admin") so it seems ok (from our point of view).

- For the "Sharepoint steps", if I follow the logic from the "Dataverse steps", I should create one technical user for each of my app (by env.) to be sure that I don't create an unique technical user which is owner of all of my sharepoint sites. Like that, I've a segregation against the database stored in the sharepoint sites (so, it's more secure...).
Any advice/remark is more than welcome here 🙂

 

- and I made this for each type of steps inside of my power automate (when it's justified ofc).
For example, the steps which are linked to a shared mailbox will be linked to the technical user of the shared mailbox, etc

 

Another reflexion (which is directly linked to the previous one) is about the licencing to use when we use different technical users (behind the connection reference) within the Power Automate.

For example, I've an app, called "Lunch order". And for this app, I've a Power Automate which :

- Creates a record in a table in Dataverse

- Populates a Microsoft Word template (from a template present on the Sharepoint Site)

- Stores the Microsoft Word document (which has been edited from the template) in a folder present in the Sharepoint Site

 

So, I've 2 application/technical users dedicated to 2 connection reference for this Power Automate

1) "TechUser_Sharepoint_PRD" which has the adequate privilege on the target Sharepoint Site 

2) "AppUser_Dataverse_PRD" which has the adequate security role on the right env. of Dataverse (and where no licence is required...)

 

Questions :

- Does "TechUser_Sharepoint_PRD" must have to a Office (E1 or E3 or E5) licence because he is linked to a sharepoint step ?

- Does "TechUser_Sharepoint_PRD" must have to a Dynamics licence because he is linked to a Word step (which is a premium connector) ?

 

Sorry if it's something already asked and responded (but I don't find something about this topic) and It's very unclear for me here 😕 

1 ACCEPTED SOLUTION

Accepted Solutions
v-xiaochen-msft
Community Support
Community Support

Hi @R4isin ,

 

If you use the premium connector, the office license may not meet your needs.

vxiaochenmsft_0-1630391995984.png

Per app license, per usr license and dynamic license can use premium connector.

vxiaochenmsft_1-1630392248999.png

vxiaochenmsft_2-1630392267730.png

 

Best Regards,

Wearsky

 

 

 

View solution in original post

1 REPLY 1
v-xiaochen-msft
Community Support
Community Support

Hi @R4isin ,

 

If you use the premium connector, the office license may not meet your needs.

vxiaochenmsft_0-1630391995984.png

Per app license, per usr license and dynamic license can use premium connector.

vxiaochenmsft_1-1630392248999.png

vxiaochenmsft_2-1630392267730.png

 

Best Regards,

Wearsky

 

 

 

Helpful resources

Announcements
Super User 2 - 2022 Congratulations 768x460.png

Welcome Super Users

The Super User program for 2022 - Season 2 has kicked off!

Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

<
Users online (3,746)