End user asked for AD permissions

(0) Share

Report

Posted on by Jorge_

Hi,

I've built a canvas app linked to a SharePoint site.

It uses 2 Flows, which trigger is Power Apps v2.

I do check AD membership in the Flow, so one of the Flow uses Azure Ad connection.

When an end-user tries to open the app, they are requested to provided connection details to AD, which obviously they don't have.

I have run PowerShell to bypass permission screen, however asking for Azure AD details still remains after running powershell.

Is there any way to avoid this happening?

Categories:

Building Power Apps

I have the same question (0)

All responses (7)

Answers (1)

Sort by

Pstork1 69,323 Most Valuable Professional on at

Like (1)

Report
Copy link

Link copied!

The PowerShell you are using doesn't change the permissions requirement it just auto accepts the dialog that is normally displayed. If you are using the V2 trigger you can go to the details for the flow and set the RunOnly users setting for the flow connections so they will use your credentials not the person invoking the flow. Here's a good video on how it works. (149) Run Power Apps connections with elevated permissions via Power Automate | Impersonate flow actions - YouTube

Take a look specifically at what he does at around 15:30 in the video.

Was this reply helpful? Yes No
Jorge_ on at

Like (0)

Report
Copy link

Link copied!

Thanks you @Pstork1

I have changed the connection but still asking for an Ad account.
Do I need to add users to the run only users? I see in the video no one is added as run only users
Was hoping not working for me as might take some time to propagate.

Was this reply helpful? Yes No
Pstork1 69,323 Most Valuable Professional on at

Like (1)

Report
Copy link

Link copied!

It will take some time to propagate the changes and I haven't specifically tried it for the Azure AD connector. but no you shouldn't need to add specific users. Let me run a test and see if I can get it to work. it's the only potential solution I know of.

Was this reply helpful? Yes No
Verified answer

Pstork1 69,323 Most Valuable Professional on at

Like (1)

Report
Copy link

Link copied!

I just did a quick test using the Azure AD connector with Run Only users set to use the connection provided by me and it worked fine. Make sure you set the Run only users dropdown correctly, and that you refreshed the flow in Power Apps and republished the app.

Was this reply helpful? Yes No
Jorge_ on at

Like (0)

Report
Copy link

Link copied!

Thanks for this @Pstork1
However, I have even added end-user to run only users and still getting prompted to enter AD account details.
Have re-published the app also and logged out from bowser.

Was this reply helpful? Yes No
Jorge_ on at

Like (0)

Report
Copy link

Link copied!

Hi @Pstork1

got it working after refreshing the Flow form the canvas app and then published

Thanks a lot for your help

Was this reply helpful? Yes No
Pstork1 69,323 Most Valuable Professional on at

Like (0)

Report
Copy link

Link copied!

Whenever you make changes to a flow triggered by an app you need to Refresh the flow in the app so it will pick up the changes to parameters and connections.

Was this reply helpful? Yes No