You’re offline. This is a read only version of the page.
141
Is it possible to publish a powerapp without sharing the datasource to all users of the app? e.g. a quiz powerapp doesn't seem to be possible as all users of the app can just login to sharepoint and look at all the answers of the other users in the list that is the datasource.
thanks,
Alistair
thanks for that but I think consent is required by GDPR. The app needs to use the Outlook account so bypassing consent isn't an option. I assume bypassing consent with the PS command will bypass all consent. It doesn't appear to be possible to limit user access to the backend list. They can still create/edit which is not allowed. Only the app must create data. The users must not have any access whatsoever to the backend datasource.
A custom front end (spring boot for example) with the MS Graph API would solve the problem but a Powerapp with hidden backend would be nice.
Hi,
If you use the PowerShell commands to BypassConsent for that App, then your users won't see that initial screen asking for permission, so they won't know the name of the data source. The account doing this must have the app shared with them as an owner, and they should be an Office365 Global Admin (not sure if this has changed, but that was the case the last time I ran it).
Import-Module Microsoft.PowerApps.Administration.PowerShell Import-Module Microsoft.PowerApps.PowerShell Add-PowerAppsAccount Set-AdminPowerAppApisToBypassConsent -AppName xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Additionally I would also use the options mentioned above by @v-xida-msft to prevent anyone from seeing or editing the rows that they did not create - if they did manage to somehow find the list, when they open it they will only the items they have created so there won't be a concern about them seeing others' personal details.
Cheers,
ManCat
Hey,
This would be possible if you use an sql database as source. The sql database uses a seperate login the app connects to the datasource but the enduser can't see the credetials.
You do have to publish the app in a seperate environment and don't give anybody else maker rights. (see: https://docs.microsoft.com/en-us/power-platform/admin/environments-overview
Else users can use the data connection in their apps.
Kind regards.
thanks for that but the issue is:
"If you share an canvas app to your end users but do not share data source access permission, when the end users run this shared app on their side, they would not be able to see/view data from your data source within this app"
that's what I require. I don't want them to know the data source exists as it's not standard practice to make backend data services directly accessible to the users who use the front end.
The app already enforces permissions on what they can see/add but the users can still look at the data in the Sharepoint list. This is not acceptable as some apps will record who the user is in a way Sharepoint cannot identify them, such as their personal email, rather than their Office365 email or username. So all users of the app would be able to see all users' data.
It's also the fact they are informed they have access to something that makes no sense to them and that they should not have access to, i.e. the backend data source of every app they use.
Hi @codebrane ,
Do you want to share an canvas app to your end users but do not share data source access permission to them?
If you share an canvas app to your end users but do not share data source access permission, when the end users run this shared app on their side, they would not be able to see/view data from your data source within this app.
If you want to restrict the end user to only access their own records within this shared app, I think the Filter function could achieve your needs.
Within your app, I assume that you use a Gallery to list data from your SP list, you could filter the Gallery items based on current login user, then the end user could only see their submitted records when running this shared app. Please take a try with the following workaround:
Set the OnStart property of the App to following:
Set(CurrentUserEmail, User().Email)
set the Items property of the Gallery to following:
Filter( 'YourSPList', 'Created By'.DisplayName = CurrentUserEmail )
then re-pubish your app, check if the issue is solved.
If you just want to restrict the end users to see other users entry in your SP list itself, I think the "Read Acsess" option within Advanced settings of List settings could achieve your needs. Please configure the "Read Acsess" option within Advanced settings of List settings of your SP list as below:
Please check and see if the response within the following thread would help in your scenario:
Best regards,
I've just seen this so I presume powerapps isn't a good fit for requirements that need users to be kept away from the data. If sharing the datasource results in an email to those users they can then bypass the app and do what they want in the list. Read/write is not the issue. Visibility is the issue. It shouldn't be visible to anyone using the app.
#1
Michael E. Gernaey
11
Super User 2025 Season 1
#2
bscarlavai33
5
Super User 2025 Season 1
#3
getsplash
2
Share
Report
All responses (
Answers (
