Skip to main content

Notifications

Using Office 365 Groups for Security/Control inside Power Apps

Office 365Groups have many uses, particularly when Security Enabled, for controlling user authorities to access individual Power Apps while also allowing the same group to control access to the data source ("all in one place").
However, you can also use the user’s membership of any group (not necessarily having access to the app and not needing security enablement) to control what they can do and see once the app is opened. This blog discusses the options for enabling the functionality.
One important thing you need to do first is getting the id of the group or groups you want to work with. You can use the DisplayName (also as shown below), but if this is changed, the process will not function whereas the id will always remain the same. Fortunately , getting the id of the group is easy, with the simplest way being to put a gallery (I called it galGroups below) on the screen with the Items

Office365Groups.ListOwnedGroups().value

and inset two labels with ThisItem.displayName and ThisItem.id and you will then see something like this.galGroups.png
Now you have established the id (and already know the displayName), below are two examples (using displayName and id) of what you could run to set a Variable (Boolean) varAdmin to indicate whether the logged-in user was a member of the "Admin Staff" Group. Using displayName

Set(
 varUserName,
 User().FullName
);
With(
 {
 wAdminID: LookUp(
 Office365Groups.ListOwnedGroups().value,
 displayName = "Admin Staff"
 ).id
 },
 Set(
 varAdmin,
 varUserName in Office365Groups.ListGroupMembers(wAdminID).value.displayName
 )
)

Using id

Set(
 varUserName,
 User().FullName
);
With(
 {
 wAdminID: LookUp(
 Office365Groups.ListOwnedGroups().value,
 id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
 ).id
 },
 Set(
 varAdmin,
 varUserName in Office365Groups.ListGroupMembers(wAdminID).value.displayName
 )
)

So varAdmin would be true or false depending on whether the user is a member of the Admin Staff group.

Bonus function from the gallery

Once you have the gallery, you can also inset a drop-down with the Items

Sort(
 Office365Groups.ListGroupMembers(galGroups.Selected.id).value,
 displayName
)

and display a selection of all the members of the group you select in this gallery.

 

GroupMembers.png

I hope this has been useful in assisting you to manage Power Apps user access.

Comments

*This post is locked for comments

  • MD2024 Profile Picture MD2024 115
    Posted at
    Using Office 365 Groups for Security/Control inside Power Apps

    Hello WarenBelz

     

    Very great work and always appreciate yout help which is clear and structured as well 😉

     

    From Today:

    I needed to use  Office365Groups.ListOwnedGroupsV2().value AND substitute the User().FullName by using: 

    Set(
       varUserName,
       Substitute(User().FullName," ",", ")
    );
     
    The User().FullName comes as  "LastName FirstName" without comma so the FullName needs to be "LastName, FirstName", otherwise I would get false but needs to be true as the user is member of the group 😉
     
    I hope it helps someone 😉
     
    Cheers
    Michael
  • MD2024 Profile Picture MD2024 115
    Posted at
    Using Office 365 Groups for Security/Control inside Power Apps

    Hello Warren

    Thanks for the nice example.

    I tried it by myself and relaized it is only working with the V2 extension:

     

    Set(
        varUserName,
        User().FullName
    );
    With(
       {
          wRequesterID: LookUp(
             Office365Groups.ListOwnedGroupsV2().value,
             displayName = "FDR_BRASIL_Requester"
          ).id
       },
       Set(
          varRequester,
          varUserName in Office365Groups.ListGroupMembers(wRequesterID).value.displayName
       )
    );
    With(
       {
          wShippingID: LookUp(
             Office365Groups.ListOwnedGroupsV2().value,
             displayName = "FDR_BRASIL_ShippingCompany"
          ).id
       },
       Set(
          varShippingCompany,
          varUserName in Office365Groups.ListGroupMembers(wShippingID).value.displayName
       )
    );

     

    Not sure why Microsoft is doing changes and is creating new versions with limiting the old ones.😒
    You normaly would update the existing ones with new features... 🤔

    But thanks a lot and great work... 😉

    Cheers

    Michael