cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Power Apps Staff alaugMSFT
Power Apps Staff

Re: Power Platform access by guest users: unexpected behavior

@Testpowerapp , @Korni1 , @abeldjilali - The remaining bug fixes have rolled out to production and are available world-wide. Please reach out if you observe any unexpected behavior. 

simb55
Level: Powered On

Re: Power Platform access by guest users: unexpected behavior

Hello @alaugMSFT,

I'm still experiencing the issue.

 

1. I created a guest account for a private e-mail for testing purposes.

2. I granted this account access to the PowerApp and the SharePoint Site and Libraries which the app connects to.

3. I assigned a PowerApps Plan 2 Trial license via Azure Active Directory to the account. [ <--- Does this even work? ]

4. Copied the link, logged in with the guest account to our tenant. Pasted the link.

 

Still experiencing this beaviour: 

 

Unbenannt.PNG

The app is using a Flow. So do I maybe have to assign a Flow license additionally?

Is it true that...

 

- a guest in our tenant needs to have a O365/PowerApps P1/PowerApps P2 license assigned in THEIR OWN tenant

OR

- a guest in our tenant needs to have  a O365/PowerApps P1/PowerApps P2 license assigned in OUR tenant

 

...in order to use a (standalone) app hosted at our tenant?

 

 

May this be the reason for the behaviour we're seeing with the guest opening the app?

Power Apps Staff alaugMSFT
Power Apps Staff

Re: Power Platform access by guest users: unexpected behavior

Hi, @simb55 .

 

Whatever license is required to run the app by an internal user in the tenant must be assigned to the user in either their home or guest tenant. For instance, if the app only requires the PowerApps Included with Office license, then it's fine if the user has that license assigned in either their home or the guest tenant.  

 

Yes, assigning a license in https://portal.azure.com in the Azure Active Directory blades works. 

 

If you're available for a ~30 minute call, would you mind sending me a private message with a handful of times that you're available? 

simb55
Level: Powered On

Re: Power Platform access by guest users: unexpected behavior

Hello @alaugMSFT,

 

we are still investigating into this issue.

 

We cretaed a guest user for an account, that has an E5-license asigned in his own tenant and added this user to a security group. We gave this group access to both, the SharePoint site where we embedded our app and the app itself.

 

The user is now able to log into our organizations Office 365 and also to open the SharePoint site, that we gave access to.

 

When opening the app, however, an error still occurs:

"You do not have a valid Power Apps-plan. For access to Power Apps you will need a Power Apps-plan, assigend to you BY YOUR OWN ORGANIZATION or the organization that you are a guest in."

 

As mentioned above, this user hold an E5-license in his own tenant, which includes the 'PowerApps for Office 365' permissions. I do not understand, why he is not able to open the app.

Power Apps Staff alaugMSFT
Power Apps Staff

Re: Power Platform access by guest users: unexpected behavior

Hi, @simb55 . 

 

Thanks for your message. I sent a private message requesting a bit more info. 

 

Thanks,

Austin

Raynok1
Level 8

Re: Power Platform access by guest users: unexpected behavior

Hi,

Adding my 5c.

 

When inviting guest users in through the azure portal, an email is sent to the guest user. For the best experience, get the guest user to open the invitation link and sign in. Once the the guest user has signed in, they shouldn't have the unexpected behavior when opening the app.

 

So the key thing to take away here. Get the guest user to sign in first via the invitation email.

 

What's really going to bug you later is the fact that guest users cant see the app listed on their mobile devices.

simb55
Level: Powered On

Re: Power Platform access by guest users: unexpected behavior

Hello @Raynok1 ,

 

unfortunately, this does not work out for me.

I just tested this for our use case. Here is what I did:

 

- Created a new user in the external tenant and gave him a E5 license

- Invited the external user via our organizations Azure AD

- Logged in as the guest user to the external tenant, opened the invitation mail and klicked the link/accepted the invitation

- Gave permissions to the external user to acces the app via PowerApps -> MyApp -> Share

- Tried to open the app as the guest user

 

--> Still the same old error. >You need a PowerApps-Plan to open this app<

 

alaugMFST stated in a private message, that this would be a bug on Microsofts side and that they would be aware of it and are working on it actively.

 

Our workaround right now is, that we export an app to the tenant of the guest user(s) that we want to use our app, that includes a single Button that triggers the Launch() function OnSelect and links to our app. We advise those users, to navigate to our app this way. 

That is, because everything works just fine, once the target guest user started/built an app in his home tenant.

Raynok1
Level 8

Re: Power Platform access by guest users: unexpected behavior

Okay, Process of elimination.

 

1.) Duplicate the app in the tenant hosting the app.

2.) Remove the flow connection and associated buttons, etc. 

3.) Publish the duplicated app and share it with the external user.
4.) If the problem persists then remove the SharePoint connection. Repeat step 3.
5.) If the problem persists then create a new app with no connections and complete step 3.
6.) If it works then add one connection at a time with step 3 to test.

Note for step 6, maybe its related to the security group. Instead assign the guest user directly, without the security group. 


Are you using Online SharePoint or on premise SharePoint as your app source?

 

Sorry, I know its lengthy. 

PS. Thank you for the tip, "Launch button pointing to the intended app", didn't think of that. Nice.

simb55
Level: Powered On

Re: Power Platform access by guest users: unexpected behavior

Hi again, thanks for your reply and effort,

 

I have done all the steps, but unfortunately it does not even work for thefreshly created, blank PowerApp.

Unless the external user opened/created an app in his own tenant first. Then it all works nice and easy.

 

 

Raynok1
Level 8

Re: Power Platform access by guest users: unexpected behavior

You mentioned that they have to open a Powerapp that has a launch button that opens the external app. So technically they opened an internal Powerapp before attempting to opening the external Powerapp via the launch button. (Sounds like some AD attributes being applied in the background and we'll never know if its done first either by opening apps or when closing an app or creating an app first) 

Could even be time period between account creation and attempting to to open the external app. Is there a time to sync attributes thing in the background. Maybe your workaround fast tracks it all. The rabbit hole of note.


This would also bug me, least you have a workaround. 

Helpful resources

Announcements
Better Together’ Contest Finalists Announced!

'Better Together’ Contest Finalists Announced!

Congrats to the finalists of our ‘Better Together’-themed T-shirt design contest! Click for the top entries.

thirdimage

Power Apps Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

sixthImage

Join THE global Microsoft Power Platform event series

Attend for two days of expert-led learning and innovation on topics like AI and Analytics, powered by Dynamic Communities

Power Platform 2019 release wave 2 plan

Power Platform 2019 release wave 2 plan

Features releasing from October 2019 through March 2020

thirdimage

Microsoft Business Applications Virtual Launch

Join us for the Microsoft Business Applications Virtual Launch Event on Thursday, April 2, 2020, at 8:00 AM PST.

thirdimage

Community Summit North America

Innovate, Collaborate, Grow - The top training and networking event across the globe for Microsoft Business Applications

Top Solution Authors
Users online (8,868)