You’re offline. This is a read only version of the page.
If I have an app with a SQL Server connection and I share it with an Office365 User and only give User role (not Co-Owner), will they be able to access this connector and say, create another app with this connector and access the data?
And what if they apply and get a trial account?
If I share the app with another user in my organization (as User again, not Co-Owner) they get permission to user the SQL connector even if I then remove them from the app.
There are some ideas presented in this thread: https://powerusers.microsoft.com/t5/Power-Apps-Ideas/Removing-user-ability-to-access-data-source-without-using-the/idi-p/92596
I found a way within SQL Server to restrict PowerApps users to publicly available data, so at least when those are implicitly shared, the users are not accessing sensitive information. But that only solves the problem to a certain extent.
Implicit sharing needs to be fixed. It's like this: one morning, you lend your neighbor a cup of sugar. You come home after work to find your entire house empty. But the police can't do a thing about it, because sharing the cup of sugar with your neighbor implicitly shared the contents of your entire house, with them.
Hi @Carsten_Growth,
Thank you for your reply. What about other data connectors? Is there a way to restrict users from the organization to create Power Apps that may take advantage of implicit sharing in other connectors?
What you described is called implicit sharing. You can avoid implicit sharing for SQL Server considering this: https://powerapps.microsoft.com/en-us/blog/general-availability-of-the-azure-ad-sql-server-connector/
#1
Michael E. Gernaey
9
Super User 2025 Season 1
#2
bscarlavai33
5
Super User 2025 Season 1
#3
getsplash
2
Share
Report
All responses (
Answers (
