web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Publish powerapp witho...
Power Apps
Unanswered

Publish powerapp without having to share the datasource

(0) ShareShare
ReportReport
Posted on by codebrane 141

Is it possible to publish a powerapp without sharing the datasource to all users of the app? e.g. a quiz powerapp doesn't seem to be possible as all users of the app can just login to sharepoint and look at all the answers of the other users in the list that is the datasource.

 

thanks,

 

Alistair

 

Categories:
Governance & administering
I have the same question (0)
  • codebrane Profile Picture
    codebrane 141 on at

    I've just seen this so I presume powerapps isn't a good fit for requirements that need users to be kept away from the data. If sharing the datasource results in an email to those users they can then bypass the app and do what they want in the list. Read/write is not the issue. Visibility is the issue. It shouldn't be visible to anyone using the app.

     

     

  • v-xida-msft Profile Picture
    v-xida-msft on at

    Hi @codebrane ,

    Do you want to share an canvas app to your end users but do not share data source access permission to them?

     

    If you share an canvas app to your end users but do not share data source access permission, when the end users run this shared app on their side, they would not be able to see/view data from your data source within this app.

     

    If you want to restrict the end user to only access their own records within this shared app, I think the Filter function could achieve your needs.

    Within your app, I assume that you use a Gallery to list data from your SP list, you could filter the Gallery items based on current login user, then the end user could only see their submitted records when running this shared app. Please take a try with the following workaround:

    Set the OnStart property of the App to following:

    Set(CurrentUserEmail, User().Email)

    set the Items property of the Gallery to following:

    Filter(
 'YourSPList',
 'Created By'.DisplayName = CurrentUserEmail
)

    then re-pubish your app, check if the issue is solved.

     

    If you just want to restrict the end users to see other users entry in your SP list itself, I think the "Read Acsess" option within Advanced settings of List settings could achieve your needs. Please configure the "Read Acsess" option within Advanced settings of List settings of your SP list as below:7.JPG

    Please check and see if the response within the following thread would help in your scenario:

    https://powerusers.microsoft.com/t5/General-Discussion/Allow-PowerApp-users-to-submit-data-to-sharepoint-but-restrict/td-p/246752

     

    Best regards,

  • codebrane Profile Picture
    codebrane 141 on at

    thanks for that but the issue is:

     

    "If you share an canvas app to your end users but do not share data source access permission, when the end users run this shared app on their side, they would not be able to see/view data from your data source within this app"

     

    that's what I require. I don't want them to know the data source exists as it's not standard practice to make backend data services directly accessible to the users who use the front end.

     

    The app already enforces permissions on what they can see/add but the users can still look at the data in the Sharepoint list. This is not acceptable as some apps will record who the user is in a way Sharepoint cannot identify them, such as their personal email, rather than their Office365 email or username. So all users of the app would be able to see all users' data.

     

    It's also the fact they are informed they have access to something that makes no sense to them and that they should not have access to, i.e. the backend data source of every app they use.

     

  • Verified answer
    DavySmets Profile Picture
    DavySmets 26 on at

    Hey,

     

    This would be possible if you use an sql database as source. The sql database uses a seperate login the app connects to the datasource but the enduser can't see the credetials. 

     

    You do have to publish the app in a seperate environment and don't give anybody else maker rights. (see: https://docs.microsoft.com/en-us/power-platform/admin/environments-overview

    Else users can use the data connection in their apps. 

     

    Kind regards. 

  • iAm_ManCat Profile Picture
    iAm_ManCat 18,228 Most Valuable Professional on at

    Hi,

     

    If you use the PowerShell commands to BypassConsent for that App, then your users won't see that initial screen asking for permission, so they won't know the name of the data source. The account doing this must have the app shared with them as an owner, and they should be an Office365 Global Admin (not sure if this has changed, but that was the case the last time I ran it).

     

     

    Import-Module Microsoft.PowerApps.Administration.PowerShell
Import-Module Microsoft.PowerApps.PowerShell
Add-PowerAppsAccount
Set-AdminPowerAppApisToBypassConsent -AppName xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

    Additionally I would also use the options mentioned above by @v-xida-msft to prevent anyone from seeing or editing the rows that they did not create - if they did manage to somehow find the list, when they open it they will only the items they have created so there won't be a concern about them seeing others' personal details.

     

    Cheers,

    ManCat

     

  • codebrane Profile Picture
    codebrane 141 on at

    thanks for that but I think consent is required by GDPR. The app needs to use the Outlook account so bypassing consent isn't an option. I assume bypassing consent with the PS command will bypass all consent. It doesn't appear to be possible to limit user access to the backend list. They can still create/edit which is not allowed. Only the app must create data. The users must not have any access whatsoever to the backend datasource.

     

    A custom front end (spring boot for example) with the MS Graph API would solve the problem but a Powerapp with hidden backend would be nice.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 796 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 327 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans