Notifications
Announcements
We are securing environment access using Environment SG. When we share a Canvas app that has no CDS connection, We are able to share it with users outside the Environment SG. Is this an expected behavior? Shouldn't it be restricted to users in the Environment SG?
Can you check might be user added in your environment as disable user?
If you apply security group during Environment creation then other user will not added. But if you create Environment without security group this will add all the tenant user in the environment
Later if you apply security group after the environment creation so all the users be will disabled those are not part of the security group.
You are mixing 2 different things here.
Security group control access to environments, meaning ability to build things, and consumme data stored (all ot this tied to security roles of course). But apps can always be shared with anyone in the tenant.
It's very similar to what you have in Sharepoint : even if a limited set of users access the site ( = powerapps env), you can still decide to share some specific files (= apps here) with any other user.
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
WarrenBelz 386 Most Valuable Professional
Kalathiya 361
MS.Ragavendar 339 Super User 2025 Season 2