Showing results for 
Search instead for 
Did you mean: 
0 Kudos

Minimize use of implicit SQL connectors

Currently, sharing an app with a user implicitly shares the data connection, which presents a security issue.  We have various published apps that use a SQL Server connection with SQL server authentication.  Any shared user can then create another app using one of the connectors, which provides unrestricted access to the data.  Power Apps documentation recommends using "explicit" authorization such as Azure AD instead, but this will not work for us.  Defining all users on the server is not feasible.  Besides data access and row-level security, there are other controls built into the apps that cannot be implemented directly on the server.  There needs to be a way to ensure that the users can ONLY use the data connection through the published app.  One idea that seems like a quick and easy fix would be for you to require login credentials to the connectors each time a user attempts to use one in edit mode.  That way, only authorized users with login credentials can actually use the connector outside of the published apps (unless I'm missing something).  Thanks. 

Status: New