Unanswered

COE setup and license

(0) Share

Report

Posted on by ajj81

Hi all,

looking to setup the COE but have an interesting setup our side. Our licenses and main services are in our corporate tenant. We want to run the powerapps in a different (corp-apps) tenant.

I believe that this is possible as the users when guested in, will be be able to use their licenses from the corporate environment. However we are just starting to setup the COE and see that it needs a mail enabled identity for setup, so my question is has anyone had any experience with this/know if its possible to setup the COE in a different tenant to where your licenses/main user accounts are?

Thanks

AJJ

Categories:

Governance & administering

I have the same question (0)

All responses (7)

Answers (2)

joe_hannes_col 1,843 Super User 2024 Season 1 on at

Like (0)

Report

Hello @ajj81,

There are some flows in the Center of Excellence that will send out emails (and Teams notifications). You could use an account from your primary tenant to create the connection to Office 365 Outlook. Please note that there may be restrictions in doing this if cross-tenant isolation is activated.
Why don't you assign an inexpensive license, say one of the M365 F licenses, to the admin account in the secondary tenant, though? This would probably make everything easier.
Also, some CoE flows will send out emails to the owners of flows and apps, e.g. to check for compliance. If your app makers are not mail-enabled in the secondary tenant, these mails would get lost.
And if you are using Power Apps in a secondary tenant, why not assign the licenses in this tenant?
I'm asking these questions because I think the setup you sketched above is going to be rather complicated and hence fragile to support in the long run.

Was this reply helpful? Yes No
ajj81 36 on at

Like (0)

Report

Hi @joe_hannes_col ,

thanks for the quick response. I'll try and explain the setup and let you see if you can see where we are going with this.

We have the licenses in our corporate tenant so don't want to have to purchase them again. Also we share some apps with our customers and want to keep them away from our corporate tenant and avoid having to pay for their licenses too. So the thinking was that we can use the BYOL model which I understand follows you if you have the right license for the app you are using?

Thinking about what you said a simple F3 license sounds like a plan. Would we only need that for the admin user as all the other users coming in woul dhave rights under their corporate emails?

We don't want to be fragile but this is the challenge we've been set for environment management.

Thanks

AJJ

Was this reply helpful? Yes No
Verified answer

joe_hannes_col 1,843 Super User 2024 Season 1 on at

Like (0)

Report

Hello @ajj81,

Thanks for elaborating on your setup. I see what you want to achieve.
F3 for the admin should be fine. If the rest of the CoE will work as intended will also depend on how you will manage the apps in the secondary tenant. For example, CoE can send out emails to app owners, e.g. asking them for more information about an app. If the owner does not have a mailbox, these emails will get lost. That's fine as long as you only want to use CoE as an inventory of your Power Platform resources. If you want to actively use the processes included in CoE, you will probably have to replace the owner's email address with email addresses from your primary tenant - and that's what I mean with fragile.

Was this reply helpful? Yes No
Verified answer

joe_hannes_col 1,843 Super User 2024 Season 1 on at

Like (1)

Report

Oh, and there is one more consideration regarding licenses.
Yes, you can share your apps with external users (in this case for example users from your primary tenant). However, this does not apply to apps based on Dataverse:
"To access an app that connects to Dataverse, the guest user must have a license with Power Apps use rights that matches the capability of the app. And it must be assigned in the tenant hosting the app. The exception to this prerequisite is when an app is hosted in a Microsoft Dataverse for Teams environment."
[Source]
I don't know if this applies to your apps. It definitely applies to the apps included in the CoE. So every user of CoE apps (admin or maker) needs to have a license in your secondary tenant, unless you are using Dataverse for Teams.

Was this reply helpful? Yes No
ajj81 36 on at

Like (1)

Report

Thanks for this - we are going to engage with Microsoft and Review our setup. I'll post some feedback when I have some.

Was this reply helpful? Yes No
joe_hannes_col 1,843 Super User 2024 Season 1 on at

Like (0)

Report

Hello @ajj81, thanks, it would be great to hear if you received any official feedback on this.

Was this reply helpful? Yes No
ajj81 36 on at

Like (0)

Report

We keep engaging with Microsoft on this but it's not an official solution. I think we have to accept that how we want to work is probably different to the way Microsoft want us to. I think the main advice I could give anyone is to keep checking as Microsoft seem to change the licensing model.

Was this reply helpful? Yes No