Hello community,
Power Apps are getting more and more popular and therefore the need to be able to manage larger amount user groups is growing. In my case I have thousands of end-users, who need the access to a Power App. There is a way to do that of course, by entering each person one-by-one in the sharing of the Power App. That is not a possibility in my case, without talking about the difficulty of handling the users who have left the organization!
I would like to use Azure AD groups to manage access in the Power App. I have read that this is possible but I am having some challenges with the implementation that's suitable for my needs.
Let's say I have a security group in Azure that has 2 members as shown below:
Now, I go to Power Platform --> Selected the correct environment --> Share the app... And I selected the security group as the user. Also, I want to assign certain security roles to the app's users. In my case, there is a custom security role that needs to be assigned to each app user, otherwise they won't have access to Dataverse tables. So, the sharing would look like this:
I expect each individual user part of this security group (Leroy Plumley and BusinessA DeveloperA) inherit the security roles given to the security group. But this is not really how it works...
After sharing the application to the security group, I navigate to the Power Platform admin center to inspect the users' roles. As you can see, the roles I gave to the security group are not given to Leroy Plumley:
In the Power App, the users are filtered depending on if they have been assigned a certain security role. Because the security role is not "given" to the user, the application is not able to detect the user and display them in the app.
Is this the expected behavior? Is there a way to get the security roles assigned individually by using Azure AD groups?
Thanks in advance,
Ville
