You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: powerapps-docs/maker/canvas-apps/share-app.md
+11-37Lines changed: 11 additions & 37 deletions
Original file line number
Diff line number
Diff line change
@@ -47,7 +47,7 @@ Before you share an app, you must save it to the cloud (not locally) and then pu
47
47
48
48
- To allow your entire organization to run the app (but not modify or share it), type **Everyone** in the sharing panel.
49
49
- You can share an app with a list of aliases, friendly names, or a combination of those (for example, **Jane Doe <[email protected]>**) if the items are separated by semi-colons. If more than one person has the same name but different aliases, the first person found will be added to the list. A tooltip appears if a name or alias already has permission or can't be resolved.
50
-
50
+
51
51
52
52
53
53
> [!NOTE]
@@ -56,15 +56,16 @@ Before you share an app, you must save it to the cloud (not locally) and then pu
56
56
1. If you want to allow those with whom you're sharing the app to edit and share it (in addition to running it), select the **Co-owner** check box.
57
57
58
58
You can't grant **Co-owner** permission to a security group if you [created the app from within a solution](add-app-solution.md).
59
-
59
+
60
60
> [!NOTE]
61
61
> Regardless of permissions, no two people can edit an app at the same time. If one person opens the app for editing, other people can run it but not edit it.
62
62
63
63
1. If your app connects to data for which users need access permissions, specify them.
64
64
65
65
For example, your app might connect to an entity in a Common Data Service database. When you share such an app, the sharing panel prompts you to manage security for that entity.
> 
68
69
69
70
For more information about managing security for an entity, see [Manage entity permissions](share-app.md#manage-entity-permissions) later in this topic.
70
71
@@ -89,6 +90,7 @@ You can change permissions for a user or a security group by selecting their nam
89
90
## Security-group considerations
90
91
91
92
- If you share an app with a security group, existing members of that group and anyone who joins it will have the permission that you specify for that group. Anyone who leaves the group loses that permission unless they belong to a different group that has access or you give them permission as an individual.
93
+
92
94
- Every member of a security group has the same permission for an app as the overall group does. However, you can specify greater permissions for one or more members of that group to allow them greater access. For example, you can give Security Group A permission to run an app, but you can also give User B, who belongs to that group, **Co-owner** permission. Every member of the security group can run the app, but only User B can edit it. If you give Security Group A **Co-owner** permission and User B permission to run the app, that user can still edit the app.
93
95
94
96
## Manage entity permissions
@@ -98,47 +100,19 @@ You can change permissions for a user or a security group by selecting their nam
98
100
If you create an app based on Common Data Service, you must also ensure that the users with whom you share the app have the appropriate permissions for the entity or entities on which the app relies. Specifically, those users must belong to a security role that can perform tasks such as creating, reading, writing, and deleting relevant records. In many cases, you'll want to create one or more custom security roles with the exact permissions that users need to run the app. You can then assign a role to each user as appropriate.
99
101
100
102
> [!NOTE]
101
-
> As of this writing, you can assign security roles to individual users but not to security groups.
103
+
> As of this writing, you can assign security roles to individual users and security groups in Azure Active Directory but not to Office groups.
102
104
103
105
#### Prerequisite
104
106
105
-
To perform the next two procedures, you must have **System administrator** permissions for a Common Data Service database.
106
-
107
-
#### Create a security role
108
-
109
-
1. In the sharing panel, select **Set permissions** under **Data permissions**, and then select the **Security Roles** link.
1. Select one or more tabs to find the entity or entities that your app uses, and then select the permissions that you want to grant the security role.
118
-
119
-
For example, this graphic shows that the **Core records** tab contains the **Accounts** entity, and users to which this security role has been assigned can create, read, write, and delete records in that entity.
1. In the sharing panel, select **Set permissions** under **Data permissions**, and then select the **Users** link.
128
-
129
-
130
-
131
-
1. In the upper-right corner, type or paste the name of the user whom you want to assign to the role, and then select the search icon.
132
-
133
-
107
+
To assign a role, you must have **System administrator** permissions for a Common Data Service database.
134
108
135
-
1. In the search results, point to the result that you want, and then select the check box that appears.
109
+
#### Assign a security group in Azure AD to a role
136
110
137
-
1. In the top banner, select **Manage roles**.
111
+
1. In the sharing panel, select **Assign a security role** under **Data permissions**.
138
112
139
-
1.In the dialog box that appears, select the check boxes for **Common Data Service User** and the role that the user needs for your app, and then select **OK.**
113
+
1.Select the role or roles in Common Data Service that you want to assign to the user or the security group in Azure AD with which you want to share the app.
140
114
141
-
115
+
0 commit comments