Views:

Applies to Product – Power Apps


What’s happening?
Customers are experiencing issues when attempting to connect to a SharePoint list in another tenant using Power Apps. The error message received is: { "error_description": "Exception of type 'Microsoft.IdentityModel.Tokens.Audience###ValidationFailedException' was thrown." }


Reason:
The underlying cause of this is that when a connector is created using an account from one tenant (Tenant A), the authentication for that connector is still against Tenant A. Therefore, even if the site URL from the other tenant (Tenant B) is added, the connector cannot access the SharePoint list from Tenant B.


Resolution:
To resolve this, it is recommended to use the identity information of the resource tenant (Tenant B) to create a connector in Tenant A. This ensures that the account information will be correctly identified, allowing access to the corresponding SharePoint list.
Additionally, for managing security roles, it is noted that:

  • The default environment automatically assigns the roles of Basic User and Environment Maker, and there is no method to restrict this automatic assignment.
  • To limit app creation to specific users, it is advised to set up environments other than the default environment, where security roles can be selected during user addition.
For further assistance, users can refer to the official documentation on managing the default environment in Power Platform.