web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Deny direct Sharepoint...
Power Apps
Unanswered

Deny direct Sharepoint access for Power App user

(0) ShareShare
ReportReport
Posted on by kochk83 7

Hello, I developed a small canvas app for our organisation. The data is stored on Sharepoint lists. I want the users of the application to be able to view and edit the data exclusively via the PowerApp and deny direct access via sharepoint.

What options are there here? Is it possible to lock the sharepoint for users even though they have read/write permissions for the lists of the sharepoint?

Thank you and best regards KK

Categories:
Building Power Apps
I have the same question (0)
  • BCLS776 Profile Picture
    BCLS776 8,994 Moderator on at

    You can hide the SP list a bit by taking its link out of the SP menus, but users will still have access to the list.

    If you're worried about inadvertent changes to the list, use a flow to make a regular backup of it. If security/privacy are bigger concerns, consider using a flow to retrieve some of the data for your app, which creates a degree of separation and requires fewer shared permissions. Better still, use a data source that you can better control all of these, such as Dataverse, SQL, etc.

  • Pstork1 Profile Picture
    Pstork1 68,717 Most Valuable Professional on at

    @BCLS776 is correct.  There is no way to create a Power App that uses SharePoint but does not give the users access to the list in SharePoint.  But I want to clarify one other thing that he said.  Using a flow to retrieve some data into your Power App won't help either.  Flows that are triggered manually from a Power App run in the context of the user who is using the app.  So you will have the same permission problem in the flow that you have in the Power App.  Power Apps isn't designed to be a security layer.

  • kochk83 Profile Picture
    kochk83 7 on at

    Thanks for your support. What do you mean by "use a flow to retrieve some data" ? The additional licence means that Dataverse and SQL are no options right now.

  • Pstork1 Profile Picture
    Pstork1 68,717 Most Valuable Professional on at

    I'll let @BCLS776 explain what he was thinking.  But my point was that if he thought you could invoke a flow from power apps to get the data and return it to power apps without giving the user's access to SharePoint, it won't work.  You can use flow to get the data.  But since any flow invoked manually from Power apps runs in the user's security context it will require the same permissions to SharePoint that Power Apps does.  To be honest it won't really work with SQL or Dataverse either.  They provide a bit more control, but the user still needs permissions to do what the Power App does.  Power Apps just isn't designed to provide security isolation.

  • BCLS776 Profile Picture
    BCLS776 8,994 Moderator on at

    First off, @Pstork1 is correct - a flow triggered directly by the Power App is limited to see what that app user has permission to see. I have used the following workaround, although it is a bit clunky: use a flow that is triggered by changes to the underlying list, "WorkingList", to fetch only required data from another list, "SecretList". SecretList is not shared broadly with users - it is available only to the owner of the flow. In my case, I had a SecretList that was a master pricing list for all customers & services, which was not to be shared broadly in its complete form. It was OK to share out individual items as required for their work. The main steps are:

    1. Trigger a flow based on adding/editing items to WorkingList
    2. Use dynamic content from WorkingList to filter for a specific item on SecretList
    3. Use the flow to update a column or two for the item on WorkingList with the data from the SecretList item

    The downside: it takes a bit of time for a flow triggered by changes to a list to activate, so the data update might take between a few seconds to a minute or so. It isn't pretty, but it puts up a bit of a wall.

     

     

  • kochk83 Profile Picture
    kochk83 7 on at

    that's really annoying. i have various use cases for a PowerApp (CRM, Project Management, etc.) but unless i can protect the data somehow through a little "rights and roles model", the whole framework is not usable for me 😞

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 721 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 320 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans