PowerApps Security Trimming



In this video, I outline a method to implement Security Trimming/Custom Permissions inside your PowerApps application. This approach uses a SharePoint list and native PowerApps functionality to accomplish the security trimming in three easy steps: 1) create the SharePoint list, 2) filter that list by the currently logged-in user in PowerApps, and 3) set the visibility of your objects so that they show only if the user is in that approvers list.

There are other methods you can use to implement security trimming, which I’ve outlined in my corresponding blog post. I include links on how to implement each approach, as well as its pros and cons: https://www.sharepointsiren.com/2019/08/powerapps-security-trimming-options/

I’m only highlighting ways to security trim WITHIN THE POWERAPP ITSELF. This post is not meant to address how you could apply security trimming to your underlying SharePoint data source. If you want some ideas on how you can manage the security of your underlying SharePoint data source, check out Laura Rogers’ blog here: https://wonderlaura.com/2019/07/18/powerapps-as-a-front-end/ which runs through several options for “locking down” your SharePoint list data sources so that users aren’t going to the list directly to edit data.
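The three steps described above, written out as Power Fx formulas. This is an added example, not code from the video or the blog post. The list name `Approvers`, its text column `ApproverEmail` (assumed to store addresses in lower case), the control names `btnApprove` and `frmRequest`, and the variable names are all assumptions made for illustration.

```powerfx
// --- App.OnStart ---
// Step 2: filter the approvers list by the signed-in user.
// Assumed names: list "Approvers", text column "ApproverEmail"
// holding each approver's address in lower case.
Set(varUserEmail, Lower(User().Email));
ClearCollect(
    colMyApproverRows,
    Filter(Approvers, ApproverEmail = varUserEmail)
);
// True only when at least one row matched the current user.
Set(varIsApprover, !IsEmpty(colMyApproverRows));

// --- btnApprove.Visible (hypothetical button) ---
// Step 3: show the control only to users found in the list.
varIsApprover

// --- frmRequest.DisplayMode (hypothetical form) ---
// Same flag applied to a form: approvers edit, everyone else reads.
If(varIsApprover, DisplayMode.Edit, DisplayMode.View)
```

The flag only controls what the app displays; it does not change permissions on the SharePoint list, which stays readable to everyone the app is shared with unless the list itself is locked down.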

Check out April’s Channel

  • Hi April, Excellent Video as always!
    But I'm afraid to use SharePoint lists to handle security within PowerApps. That's because when you share the app w/ your users, you should also grant them permissions to the SharePoint lists…
    That being said, these users (hackers 😀 ) could easily access the SharePoint list behind the scenes and bypass the security you implemented…

    Do you use another approach in addition to sharepoint lists? Maybe CDS or Azure SQL?
    Thanks!

  • Thanks for a great video! I've used similar mechanisms in some of my Apps. Just a tip on the "mode" of the button, if you set it to "Disable" instead of "View", that will gray it out (by default), giving the users a visual cue without another formula controlling the fill. I also often include a conditional tooltip (e.g.: if they can click it, "Submit Form"; if they can't, "You Don't Have Permission to Submit this Form").
