Marcel Lehmann (mvp)

learn and find tipps & tricks around the powerplatform

#PowerPlatformTip 110 – ‘Protect SharePoint Data’

Leveraging SharePoint as a data source for PowerApps is common practice, especially given SharePoint’s integration capabilities with Microsoft Teams. However, ensuring secure and controlled access to SharePoint lists is paramount. Here’s a method to tighten data access protocols, ensuring users work within the intended security and operational frameworks.

💡 Challenge:
How do we ensure that users interact with SharePoint data strictly through PowerApps, preventing direct access and potential data integrity issues?

Solution:
The creation of a custom permission level for PowerApps users in SharePoint blocks direct access to SharePoint’s application pages while maintaining necessary data interaction capabilities.

🔧 How It’s Done:

  1. Creating a Custom Permission Level:
    • Navigate to Site Permissions and select Permission Levels on the Ribbon.
    • Choose the Contribute permission level, leading to its edit page.
    • At the bottom, click Copy Permission Level.
    • Name this new level something like “Power Apps – Custom Permission” and provide a meaningful description.
    • Crucially, remove or uncheck the “View Application Pages” permission under List Permissions.
    • Hit Create to finalize this custom permission level.
  2. Assigning Custom Permissions to a New Group:
    • Back in Site Permissions, click Create Group on the ribbon.
    • Name the group (e.g., “Power App Users”) and, optionally, set the Site Owners group as its owner for easier management.
    • Select the custom permission level you’ve just created.
    • Click Create to establish the group.
  3. Adding Users:
    • Add users to the “Power App Users” group. They’ll have the permissions needed to interact with data through PowerApps without being able to access the site’s content directly, including the application pages.

🎉 Result:
This approach strategically limits PowerApps users’ access, directing interactions through the app and enhancing data security. Users cannot directly access SharePoint lists via the GUI, aligning with best practices for data integrity and security.

🌟 Key Advantages:

  • Data Security: Restricts unauthorized direct access to SharePoint data, ensuring interactions are filtered through PowerApps.
  • Controlled Access: Empowers administrators to finely tune access permissions, fitting various operational needs without compromising security.
  • Flexibility: This method allows for the seamless integration of SharePoint as a data source, while maintaining strict access controls.

For a more detailed guide and insights, check out this comprehensive resource: Restricting Power Apps users from viewing or updating the SharePoint list content from SharePoint GUI.

Implementing these steps ensures that your SharePoint lists remain secure and that data integrity is preserved when accessed via PowerApps.

If you want to see the overview above all #PowerPlatformTip – click here

Interested in training or personalized coaching to enhance your PowerPlatform skills? 🚀 Book a package with me at thepoweraddicts.ch and benefit from customized strategies for your success. 💡

Published by

Marcel Lehmann

Leave a comment

Exclusive Access to #PowerPlatformTips

Don't miss your Power insights!
Subscribe now to be the first to receive notifications about new tips and tricks that will elevate your PowerPlatform skills.

Continue Reading