cancel
Showing results for 
Search instead for 
Did you mean: 

Allow PowerApp users to submit data to Sharepoint but restrict Sharepoint direct access

PowerApps should have an option to have elevated privileges that allows the app itself to have permissions to modify sharepoint lists and not rely on permissions of its current user.

This makes the data source more secure as all users will not necessarily have direct access to the Sharepoint list and be able to view all its contents directly. This will also allow users without access to the sharepoint lists but with access to PowerApps to use the application.

A feature that would allow powerapp users to submit data to sharepoint but not directly via the sharepoint list would be nice.

 

Thanks!

Status: New
Comments
Level: Powered On

I've accomplished this with the HTTP trigger/action. I give the users a PowerApp that triggers a flow that makes an HTTP call only, and then I have another flow that runs with an HTTP trigger and uses my credentials to modify a SharePoint list.

Level 8

That's how I would have thought you would do it. Have a flow that gets the data sent and have the flow creator's account update the list.

Level: Powered On

There are other ideas posted on this with regards to securing the data source, so users can't access it outside the app. The easiest would be to be able to have the security linked to the app not the user.

 

using flow attached to a flow creator is not only slow and has limitations, but places should the flow creator leave the company. A proper solution to ensure data is protected and secured while still allowing access through a PowerApp, as this at present makes some PowerApps pointless, unsecure and poses risks around GDPR.