Blog Post

Nonprofit Techies
2 MIN READ

SharePoint and Power Apps: Managing Roles and Permissions

TaylorTech's avatar
TaylorTech
Iron Contributor
Jun 30, 2025

Main Use Case: Building Power Apps with a SharePoint List

One of the key aspects of SharePoint security is managing permissions at the list or item level, which allows you to control who can view or edit the data. This granular control is essential for maintaining the integrity and confidentiality of sensitive information within your organization. By effectively managing permissions, you can ensure that only authorized personnel have access to specific data, thereby reducing the risk of unauthorized access. Whether you choose to restrict access to the entire list for simplicity or use item-level permissions for more advanced scenarios, SharePoint provides the tools you need to keep your data secure.

Restrict Access to the Entire SharePoint List

This happens in SharePoint itself, not Power Apps. You need to manage permissions at the list or item level: 

 

  • Go to your SharePoint site > Open the List. 
  • Click on the gear ⚙️ > List settings. 

 

 

 

  • Under Permissions and Management, click Permissions for this list. 

 

 

  • Stop inheriting permissions (click the ribbon command: Stop Inheriting Permissions). 

 

  •  Remove default access groups (like "Members" or "Visitors"). 

 

 

 

  • Add a specific SharePoint group or individuals who should have full access —an admin or manager, not end users. 
  • End users will only interact with the list through Power Apps — they don’t need direct list access. 
  • Please keep in mind that if users need to edit entries, they must have access to the list. Without proper permissions, they won't be able to see or edit the list. The next user permissions option is ideal for users who need to edit their own entries.

Use Item-Level Permissions in SharePoint

This is only advisable if you can enforce it consistently: 

  • Go to List settings > Under Advanced settings. 

 

 

  • Scroll to Item-level Permissions. 
  • Choose: 
    • ✅ Read access: Only their own 
    • ✅ Create and Edit access: Only their own 

 

 

 

This works well only if users are submitting forms (e.g., time-off requests) that shouldn’t be visible to others.  

Prevent Users from Viewing or Editing Power App Code 

This is configured through Power Apps and Microsoft Admin Center.

Limit Who Has Access to Edit the App

  • In Power Apps Studio: 
  • Go to File Share. 

 

 

 

  • Remove or do not add users as Co-owners. 

 

 

  • Instead, share as Users only — give them Can use permission. 

 

Use Environment Roles (Dataverse or Environment Scope)

In the Power Platform Admin Center (https://admin.powerplatform.microsoft.com): 

  • Go to Environments > Click your environment > Security roles. 
  • Set roles so users: 
    • Are not Environment Admins or Makers. 
    • Only have User roles in production environments. 

 

Summary of What to Check: 

Task 

Where 

Goal 

Limit list access 

SharePoint List Settings 

Prevent users from directly viewing data 

Use item-level permissions 

SharePoint Advanced Settings 

Let users only see/edit their own submissions 

Limit app editing 

Power Apps Share Panel 

Ensure only owners can edit 

Secure environment roles 

Power Platform Admin Center 

Block access to Maker/Admin capabilities 

 

Published Jun 30, 2025
Version 1.0
nonprofit
nonprofit tech acceleration (nta)
power apps
power platform
security
sharepoint
No CommentsBe the first to comment