Skip to main content

Notifications

Power Apps - Building Power Apps
Answered

End user asked for AD permissions

(0) ShareShare
ReportReport
Posted on by

Hi,

 

I've built a canvas app linked to a SharePoint site.

It uses 2 Flows, which trigger is Power Apps v2.

 

I do check AD membership in the Flow, so one of the Flow uses Azure Ad connection.

 

When an end-user tries to open the app, they are requested to provided connection details to AD, which obviously they don't have.

 

I have run PowerShell to bypass permission screen, however asking for Azure AD details still remains after running powershell.

 

Is there any way to avoid this happening?

 

 

 

 

  • Pstork1 Profile Picture
    Pstork1 65,019 on at
    Re: End user asked for AD permissions

    Whenever you make changes to a flow triggered by an app you need to Refresh the flow in the app so it will pick up the changes to parameters and connections.

  • Jorge_ Profile Picture
    Jorge_ on at
    Re: End user asked for AD permissions

    Hi @Pstork1 

     

    got it working after refreshing the Flow form the canvas app and then published

     

    Thanks a lot for your help

     

    Jorge_0-1671121436833.png

     

  • Jorge_ Profile Picture
    Jorge_ on at
    Re: End user asked for AD permissions

    Thanks for this @Pstork1 

    However, I have even added end-user to run only users and still getting prompted to enter AD account details.

    Have re-published the app also and logged out from bowser.

  • Verified answer
    Pstork1 Profile Picture
    Pstork1 65,019 on at
    Re: End user asked for AD permissions

    I just did a quick test using the Azure AD connector with Run Only users set to use the connection provided by me and it worked fine.  Make sure you set the Run only users dropdown correctly, and that you refreshed the flow in Power Apps and republished the app.

    image.png

  • Pstork1 Profile Picture
    Pstork1 65,019 on at
    Re: End user asked for AD permissions

    It will take some time to propagate the changes and I haven't specifically tried it for the Azure AD connector. but no you shouldn't need to add specific users.  Let me run a test and see if I can get it to work.  it's the only potential solution I know of.

  • Jorge_ Profile Picture
    Jorge_ on at
    Re: End user asked for AD permissions

    Thanks you @Pstork1 

     

    I have changed the connection but still asking for an Ad account.

    Do I need to add users to the run only users? I see in the video no one is added as run only users

    Was hoping not working for me as might take some time to propagate.

  • Pstork1 Profile Picture
    Pstork1 65,019 on at
    Re: End user asked for AD permissions

    The PowerShell you are using doesn't change the permissions requirement it just auto accepts the dialog that is normally displayed.  If you are using the V2 trigger you can go to the details for the flow and set the RunOnly users setting for the flow connections so they will use your credentials not the person invoking the flow.  Here's a good video on how it works.  (149) Run Power Apps connections with elevated permissions via Power Automate | Impersonate flow actions - YouTube

    Take a look specifically at what he does at around 15:30 in the video.

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Microsoft Kickstarter Events…

Register for Microsoft Kickstarter Events…

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Announcing Forum Attachment Improvements!

We're excited to announce that attachments for replies in forums and improved…

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 145,691

#2
RandyHayes Profile Picture

RandyHayes 76,287

#3
Pstork1 Profile Picture

Pstork1 65,019

Leaderboard