web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Model-driven app witho...
Power Apps
Unanswered

Model-driven app without access is also showing up

(1) ShareShare
ReportReport
Posted on by summitb 2

I have a security roles assigned to user. And there is a app which is shared to only Sys admin. But the app is still showing up in the app list of the user which don't have a sys admin role. Not sure why its happening, I checked if the user was in any team where it is inheriting its privileges. The user is not in Teams as well. Im wondering where I am missing out.

 

summitb_0-1607012320478.png

 

Categories:
Building Power Apps
I have the same question (0)
  • poweractivate Profile Picture
    poweractivate 11,078 Most Valuable Professional on at

    @summitb 

    That one you reference is about what security role(s) the App itself will use, such as in the linked Dataverse Data Source, etc. and it is not about about who specifically inside these roles that the app will be shared with - those are two separate things. The app may use the, say the Salesperson role and have this checkbox checked in this part. However, if the app was not shared with a single person through the Share feature on that App, then not even a single Salesperson will see that app.  That roles thing is for the app scope permissions, not about which users see the app, that one is separate.

     

    To check who it is shared with is in separate list from the roles one. The roles one is the permissions of the app - not about who in the role will get the app shared with them - they are actually not the same thing.

     

    By the way, System Administrator is not very good example to use to illustrate above, that is why we picked another role even as an example. Because System Administrator could do almost whatever they want, and they may be able to even all the apps including those not shared with them, if their view selector in make.powerapps.com -> Apps is set to "Org Apps" instead of "My Apps" for example, and potentially in some other ways as well. This could cause even further confusion then. So try instead with another role that is reduced like Salesperson, or perhaps even just create a custom role, for best results about checking the above.

     

    Check about if the above helps. If not let us know if this one is still not clear to you, and we might check and see if we could provide you with some more details.

  • summitb Profile Picture
    summitb 2 on at

    Hi @poweractivate ,

    I tried with other security roles as well. I think the issue is if an app is not shared with Salesman security role. But its security role has write access to model driven app, the app that you don't even have any access to it will still show up.

     

    Once I removed the write access all the model driven app that were not shared didn't show up after that. Is it is a expected behavior @poweractivate ?

  • poweractivate Profile Picture
    poweractivate 11,078 Most Valuable Professional on at

    @summitb 

     

    From our understanding that would not be an expected behavior. Because the roles the app is using is not same as the ones it is shared with, so in other words:

    This:

     

    role.png

     

    is for the app scope.

     

    It should not be same as

     

    this for the specific shared user and their scope:

     

    role2.png

     

     

    It is the second screenshot, the one with "someperson" which control about which person sees the app. Also under that, the permissions for that user for that app are also separate scope in that second one above.

     

    To our understanding, the second one is most important. However, if in the first one, there are not enough permissions, it may mean the whole app does not work for anyone if the app needs the permissions that were omitted from the checkboxes for the first one. So simplest way is probably make sure the checkboxes are the same for the app and for each person if it is a "simple" scenario where everyone just needs same access to app.

     

    If above is really not how it is working in your case please give specific example in the next reply and we might check it. You bring up a very interesting subject matter and it may be worth for us to check into it even more deeply to clarify on this one.

     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the December Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
Kalathiya Profile Picture

Kalathiya 419

#2
WarrenBelz Profile Picture

WarrenBelz 397 Most Valuable Professional

#3
MS.Ragavendar Profile Picture

MS.Ragavendar 345 Super User 2025 Season 2

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans