web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Agent Academy Hackathon is happening now!
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Is there any way to re...
Power Apps
Unanswered

Is there any way to restrict a user (Office365) from applying for a trial? Security issue

(0) ShareShare
ReportReport
Posted on by Community Power Pla... Microsoft Employee

If I have an app with a SQL Server connection and I share it with an Office365 User and only give User role (not Co-Owner), will they be able to access this connector and say, create another app with this connector and access the data?

 

And what if they apply and get a trial account?

 

If I share the app with another user in my organization (as User again, not Co-Owner) they get permission to user the SQL connector even if I then remove them from the app.

Categories:
Governance & administering
I have the same question (0)
  • Carsten_Growth Profile Picture
    Carsten_Growth Microsoft Employee on at

    What you described is called implicit sharing. You can avoid implicit sharing for SQL Server considering this: https://powerapps.microsoft.com/en-us/blog/general-availability-of-the-azure-ad-sql-server-connector/

  • Community Power Platform Member Profile Picture
    Community Power Pla... Microsoft Employee on at

    Hi @Carsten_Growth,

     

    Thank you for your reply. What about other data connectors? Is there a way to restrict users from the organization to create Power Apps that may take advantage of implicit sharing in other connectors?

  • TB-13091842-0 Profile Picture
    TB-13091842-0 140 on at

    There are some ideas presented in this thread: https://powerusers.microsoft.com/t5/Power-Apps-Ideas/Removing-user-ability-to-access-data-source-without-using-the/idi-p/92596

     

    I found a way within SQL Server to restrict PowerApps users to publicly available data, so at least when those are implicitly shared, the users are not accessing sensitive information. But that only solves the problem to a certain extent.

     

    Implicit sharing needs to be fixed. It's like this: one morning, you lend your neighbor a cup of sugar. You come home after work to find your entire house empty. But the police can't do a thing about it, because sharing the cup of sugar with your neighbor implicitly shared the contents of your entire house, with them.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Agent Academy Hackathon is happening now!
Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the April Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
Vish WR Profile Picture

Vish WR 893

#2
Valantis Profile Picture

Valantis 571

#3
11manish Profile Picture

11manish 482

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans