{"id":141,"date":"2017-12-04T11:38:47","date_gmt":"2017-12-04T19:38:47","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-apps\/implementing-role-based-permission\/"},"modified":"2025-06-11T08:10:42","modified_gmt":"2025-06-11T15:10:42","slug":"implementing-role-based-permission","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-apps\/implementing-role-based-permission\/","title":{"rendered":"Implementing Role Based Security In Your PowerApps App"},"content":{"rendered":"<p>A very common question our customers ask is, how do I implement role based access control in my app. In other words, how do I make certain features or screens of my app available only to the authorized people in my organization. For example, make Admin screen available only to the users who belong to an Active Directory Group \u201cAdministrators\u201d or make management views available only to the users belonging to the Active Directory Group \u201cManagers\u201d (as shown in the picture below).\u00a0 <\/p>\n<p>In this blog post, I\u2019ll show you how you can find out the Active Directory group membership of the signed in user and accordingly make decision to show\/ hide certain features.\u00a0 <\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" height=\"434\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\" style=\"display: inline;\" title=\"image\" width=\"524\"\/><\/a><\/p>\n<h2>High Level Steps<\/h2>\n<p>We\u2019ll use <a href=\"https:\/\/docs.microsoft.com\/en-us\/powerapps\/register-custom-api\"><u>custom connector feature of PowerApps<\/u><\/a> to connect to <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/docs\/api-reference\/v1.0\/api\/user_list_memberof\"><u>Microsoft Graph API<\/u><\/a> for listing the Active Directory Groups that the user belongs to*. After getting the list of groups through this custom connector in PowerApps, we can easily check if the user belongs to a particular group and accordingly set the visibility of certain controls or screens.<\/p>\n<p>Following are the broad steps:<\/p>\n<p><strong>Step 1:<\/strong> Register an app in the Azure Active Directory and request permission to use the right Graph API(s)\n\t<\/p>\n<p><strong>Step 2:<\/strong> Grant Permission requested above (An Active Directory Admin needs to do this)<\/p>\n<ul style=\"margin-left: 40px;\">\n<\/ul>\n<p><strong>Step 3:<\/strong> Add this app as a custom connector in PowerApps environment<\/p>\n<ul style=\"margin-left: 40px;\">\n<\/ul>\n<p><strong>Step 4:<\/strong> Use the custom connector in your PowerApps app<\/p>\n<ul style=\"margin-left: 40px;\">\n<\/ul>\n<p>* Note:<\/p>\n<ul>\n<li>If you never used <a href=\"https:\/\/developer.microsoft.com\/graph\"><u>Microsoft Graph<\/u><\/a> before, I strongly recommend that you checkout their documentation and <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/graph-explorer\"><u>graph explorer<\/u><\/a>. I find Graph Explorer very handy to explore what\u2019s out there and even test out the output of the specific APIs before using this in my own code.\n\t<\/li>\n<li>Graph API we are using here, lists the groups that the user is direct member of. So, it\u2019ll miss out the group membership through nested group membership. For this blog, we are keeping it simple by just checking for direct membership. There are other Graph APIs for finding nested group membership too. However you\u2019ll need to know group id (you can\u2019t use group name for using that API). You can use the concept outlined in this blog to make use of this other API (after finding group id from the graph explorer). If there is enough interest, I\u2019ll do another blog post showing how to use the other graph api.<\/li>\n<\/ul>\n<h2>Step 1: Register An App In The Azure Active Directory and Request Permission To Use The Right Graph API(s)<\/h2>\n<p>These steps are similar to the steps documented in <a href=\"https:\/\/docs.microsoft.com\/en-us\/powerapps\/customapi-azure-resource-manager-tutorial\"><u>this example of custom api<\/u><\/a>.<\/p>\n<p>1. Sign in to the <a href=\"https:\/\/portal.azure.com\/\"><u>Azure portal<\/u><\/a>. If you have more than one Azure Active Directory tenant, make sure you&#8217;re logged into the correct directory by looking at your username in the upper-right corner.<\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/f0f1ad91-93b8-4212-87b1-72aa0637b682.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"90\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/f0f1ad91-93b8-4212-87b1-72aa0637b682.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"355\"\/><\/a><\/p>\n<p>2. Select <strong>Azure Active Directory<\/strong> -&gt; <strong>App Registration<\/strong><\/p>\n<p>3. Select <strong>New application registration<\/strong>.<\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/d8034baa-823c-4f0e-bad1-103997d96d24.jpg\"><img loading=\"lazy\" decoding=\"async\" alt=\"clip_image003\" border=\"0\" height=\"453\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/d8034baa-823c-4f0e-bad1-103997d96d24.jpg\" style=\"display: inline; background-image: none;\" title=\"clip_image003\" width=\"629\"\/><\/a><br \/>\u00a0 <\/p>\n<p>4. For Registering a New App, use following values:<\/p>\n<p>Name: Any Name that you want to use ( I used \u201cGraphAPIDemo\u201d)<\/p>\n<p>Application type: Web app\/ API<\/p>\n<p>Sign-on URL: https:\/\/login.windows.net<\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/09ae67a8-8fdf-4d94-b63a-d31e21b19f5a.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"368\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/09ae67a8-8fdf-4d94-b63a-d31e21b19f5a.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"476\"\/><\/a><\/p>\n<p>5. Once it is created, select this newly created app. Note down the application id (it\u2019ll be used as Client Id in the later step of adding this API as custom connector in PowerApps environment). After noting down the application id, click \u201cSettings\u201d menu at the top.\n<\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/3c4f8338-5c37-4cbb-8317-6f3bb1b3e483.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"392\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/3c4f8338-5c37-4cbb-8317-6f3bb1b3e483.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"1075\"\/><\/a><\/p>\n<p>6. From Settings, click on Reply URLs, add following url and hit save: <\/p>\n<p><a href=\"https:\/\/msmanaged-na.consent.azure-apim.net\/redirect\">https:\/\/msmanaged-na.consent.azure-apim.net\/redirect<\/a>\n<\/p>\n<p><strong>Note- This url may not work for non US locations. If you get error, you\u2019ll have to come back and add your location specific url. I\u2019ll go in greater details about that error at a later step (where you register this as custom connector in PowerApps environment).<\/strong><\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/d596e1d6-6dd0-41d6-9422-924fcfa12edd.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"300\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/d596e1d6-6dd0-41d6-9422-924fcfa12edd.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"873\"\/><\/a><\/p>\n<p>7. From Settings, click on Keys\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"682\" src=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/ed7dca61-780f-4aae-a2bf-0c7d02aff4d2.jpg\" width=\"435\"\/><\/p>\n<ol>\n<\/ol>\n<p>8. Enter a description for the key, choose the expiry period, and hit Save. A new key value will be generated. Note down that value. You\u2019ll need this key secret in later step while registering this API as custom API in PowerApps. (Note- very important to note down this secret in this step because you won\u2019t be able to see this key if you come back to this screen later. )<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/09577a7d-7f9c-4ea3-b51c-3e3e15f9c480.jpg\"\/><\/p>\n<ol>\n<\/ol>\n<p>9. Go back to Settings, click on Required Permissions<\/p>\n<ol>\n<\/ol>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/9a9275f6-40f4-42c9-8016-7ec798cbb3e4.jpg\"\/><\/p>\n<p>10. In the Required Permissions, click on Add and then Select an API:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/28f2424f-3f6c-48f9-b9f1-9924bc2b362f.jpg\"\/><\/p>\n<p>11. On the next screen, select Microsoft Graph:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/a2e8fa12-f53a-40cc-8bc8-95fa28cd7c77.jpg\"\/><\/p>\n<p>12. Click on Select Permissions:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/7899d8d3-58ff-4b20-9285-01b928958a1b.jpg\"\/><\/p>\n<p>13. Under \u201cDelegated Permissions\u201d, check following ones:<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 View User\u2019s Basic Profile<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 View User\u2019s Email Address<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Sign Users In<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Access Directory As Signed In User<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Read Directory Data<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Read All Groups<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Read All User\u2019s Basic Profile<\/p>\n<p style=\"margin-left: 48px;\">\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Sign in and read User Profile<\/p>\n<p>And, hit \u201cSelect\u201d<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"860\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/323bd83e-b742-4117-ba11-f0f9ee648965.jpg\" width=\"645\"\/><\/p>\n<p><\/p>\n<h2>Step 2: Grant The Permissions Requested In The Previous Step (An Active Directory Admin Needs To Do This)<\/h2>\n<p>This step can be done only by the admin of the active directory. There are 2 ways to do this:<\/p>\n<p><b>Option 1:<\/b><\/p>\n<p>Ask the admin to the Azure portal, go to Azure Active Directory -&gt; App Registrations -&gt; and select the app you registered in the previous step. Go to settings -&gt; Required Permissions, and click on Grant Permissions button at the top:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"242\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/a8475048-3c87-47dd-8319-ff8ddabf3f7e.jpg\" width=\"966\"\/><\/p>\n<p><b><br \/>Option 2:<\/b><\/p>\n<p>Send the following url to the Active Directory Admin (it is typically someone from your IT Department). In the url below, put the client id (or application id) you noted while registering the app in the active directory. On clicking this url, your Active Directory Tenant Admin will get the prompt to grant permission. <\/p>\n<p><em>https:\/\/login.microsoftonline.com\/powerappsdemo1.onmicrosoft.com\/oauth2\/authorize?client_id=&lt;Client-Id you noted earlier&gt;&amp;response_type=code&amp;redirect_uri=https:\/\/msmanaged-na.consent.azure-apim.net\/redirect&amp;nonce=1234&amp;resource=https:\/\/graph.windows.net&amp;prompt=admin_consent<\/em><\/p>\n<h2>Step 3: Add This Registered App As A Custom Connector In Your PowerApps Environment<\/h2>\n<p>1. Go to <a href=\"https:\/\/web.powerapps.com\">https:\/\/web.powerapps.com<\/a> and click on gear icon on the top right, and select \u201cCustom Connectors\u201d. <\/p>\n<p>Note- if you are part of multiple Active Directory Tenants, make sure you sign in to the active directory tenant where you registered this app in the first step.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/c6acd201-af1d-47fb-8779-5f13c3722e74.jpg\"\/><\/p>\n<p>2. Once you get to Customer Connectors screen, click on \u201cCreate custom connector\u201d and Choose the option to \u201cImport an Open API File\u201d:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/ffe34fcd-1259-47e6-8297-990fa94bb2c6.jpg\"\/><\/p>\n<p>3. You\u2019ll get following dialogue box. By importing an OpenAPI file, you are essentially importing a Swagger file. Use the <a href=\"https:\/\/blogcode.blob.core.windows.net\/role-based-permission-1\/GraphAPISwagger.json\">Swagger file I created for this scenario<\/a> (Save it to your local drive, and use it for uploading OpenAPI file).  For Custom Connector title, use any title you want. I used DirectGroupMembership.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"286\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/df3cbc2a-db2b-487a-98c3-69e2fde20e0c.jpg\" width=\"428\"\/><\/p>\n<p>4. \u201cGeneral Information\u201d step is automatically filled using the information in the swagger file. Feel free to change the icon, description but don\u2019t change Host and Base Url. <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/9dec75b2-c842-42fa-9d11-c5fb0595994b.jpg\"\/><\/p>\n<p>5. Click Continue. In the Security Step, Swagger file will help automatically select Authentication Type as OAuth2.0 and choose the Identity Provider as \u201cAzure Active Directory\u201d. Leave all the information as automatically filled. You just need to fill the following information:<\/p>\n<p><b>Client id:<\/b> &lt;Application Id you noted down in the earlier step of registering your app in Azure Active Directory.\u201d &gt;<\/p>\n<p><b>Client secret:<\/b> &lt;Secret Key you noted while creating Keys in the App registration in Azure Active Directory step earlier&gt;<\/p>\n<p><b>Resource Url:<\/b> <a href=\"https:\/\/graph.microsoft.com\/\">https:\/\/graph.microsoft.com\/<\/a><\/p>\n<p>Click Continue.<\/p>\n<p><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"837\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/c6d87871-ea53-4a1c-bebe-a019d1300d43.jpg\" width=\"609\"\/><\/p>\n<p>6. Next Step of Definition will have everything automatically filled out from the Swagger file. Don\u2019t make any changes (except summary and description- if you want to)<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2348c4b7-7c63-45f3-a4c1-d832a92c1c41.png\"\/><\/p>\n<p>7. Click on Creator Connector:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/77b4c2d4-c3dd-4c4f-94d7-dabab794848a.jpg\"\/><\/p>\n<p>8. If you followed all the steps properly, clicking on \u201cCreate connector\u201d should create the connector successfully. <\/p>\n<p><\/p>\n<p>If you see warning like following, scroll down and see if you see 200 Success message. If you see 200 Success message, please ignore the warnings. These warnings show up because my swagger file has extra parameters that are used by other Graph APIs. You don\u2019t them for this example, that\u2019s why it\u2019s just warning. <\/p>\n<p><\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/28fc521e-a2f2-47d4-8f15-bb8ad6b235ef.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"456\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/28fc521e-a2f2-47d4-8f15-bb8ad6b235ef.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"842\"\/><\/a><\/p>\n<p><\/p>\n<p><\/p>\n<p>Next step is to test it. Click on \u201cTest\u201d link and then \u201cNew Connection\u201d on the Test Screen:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/877af832-e15c-4850-bd89-674017c80480.jpg\"\/><\/p>\n<p>9. Click on \u201cCreate\u201d from the Pop up dialogue box:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/55e9f806-f8bd-49c6-8712-b3721fd790af.jpg\"\/><\/p>\n<p>10. Sign in using your account:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/72a6aa7f-d483-42ac-a6d6-c5b09e8bc224.jpg\"\/><\/p>\n<p><\/p>\n<p>If you are getting sign in error in creating connection, scroll down and see your error message. If the error message points to a different reply url than the one you specified while registering the app in active directory (Step-1) earlier, please add this reply address as a reply url in your app (reply url from your error message)<\/p>\n<p><\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/c9d37620-e550-4796-b2a5-1c58ed598188.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"541\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/c9d37620-e550-4796-b2a5-1c58ed598188.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"1046\"\/><\/a><\/p>\n<p><\/p>\n<p>11. On successful sign in, you successfully registered Graph API with the right permission as a custom connector in your PowerApps environment. You should be all set to use it in your app. You can go ahead testing this in the portal by going to \u201cCustom Connector\u201d, selecting this connector and clicking on \u201cTest\u201d. For user id input, provide your full email (e.g. sudhesh@powerappsdemo1.onmicrosoft.com) and see the output. If all goes well, you should get 200 OK status.<\/p>\n<p><\/p>\n<p>If you are getting 404 error, please check the following in the <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/graph-explorer\">graph explorer<\/a>:<\/p>\n<p><\/p>\n<p>Go to graph explorer (<a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/graph-explorer\" title=\"https:\/\/developer.microsoft.com\/en-us\/graph\/graph-explorer\">https:\/\/developer.microsoft.com\/en-us\/graph\/graph-explorer<\/a>), sign in, and try running following API (make sure you provide full email of the userid e.g. <a href=\"mailto:meganb@bappartners.onmicrosoft.com\">meganb@bappartners.onmicrosoft.com<\/a> ). <\/p>\n<p><strong><a href=\"https:\/\/graph.microsoft.com\/v1.0\/users\/{userid}\/memberOf\">https:\/\/graph.microsoft.com\/v1.0\/users\/{userid}\/memberOf<\/a><\/strong><\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/74ef51e4-0e0f-4630-acae-ca53025403c3.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"320\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/74ef51e4-0e0f-4630-acae-ca53025403c3.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"225\"\/><\/a><\/p>\n<p><a href=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/\nblog\/media\/PowerApps\/blog\/d0c06b79-df35-4ba2-b7d6-0c09051c447e.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"image\" border=\"0\" height=\"228\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/\nblog\/media\/PowerApps\/blog\/d0c06b79-df35-4ba2-b7d6-0c09051c447e.png\" style=\"display: inline; background-image: none;\" title=\"image\" width=\"623\"\/><\/a><\/p>\n<p><\/p>\n<p>See if you can successfully get the list of groups here.<\/p>\n<p><\/p>\n<p>If you get permission error, please click on modify permission link and add following permissions (your Active Directory Admin will have to do this):<\/p>\n<p><\/p>\n<p>User.Read<\/p>\n<p>User.ReadBasic.All<\/p>\n<p>People.Read<\/p>\n<p>Directory.Read.All<\/p>\n<p>Group.Read.All<\/p>\n<p>User.Read.All<\/p>\n<p>People.Read.All<\/p>\n<p><\/p>\n<p>After ensuring that you get the groups list using Graph API as stated above, come back and test your custom connector in PowerApps. You should be good now.<\/p>\n<p>If you are facing any other error, please double check that you followed following steps properly:<\/p>\n<p>\u00b7 The Registered App was Granted Permission by an Admin of the Active Directory (Ensure that the permission was granted before you registered this as custom connector in PowerApps environment)<\/p>\n<p>\u00b7 While registering the app, you provided proper reply url\u00a0 (if you got error during custom connection creation, you added additional reply url) <\/p>\n<p>\u00b7 While creating custom connector, you provided proper resource url <\/p>\n<p>\u00b7 You noted down the correct Client Id, and Client Secret. (Client Id is same as Application Id. Key is same as Client Secret) <\/p>\n<p>\u00b7 You are signed in to the Active Directory Tenant where you registered your app <\/p>\n<p>\u00b7 You could successfully run the api from Graph Explorer<\/p>\n<h2>Step 4: Use the custom connector in your PowerApps app<\/h2>\n<p>1. In the PowerApps environment where you created this custom connector, create a new app. <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" height=\"178\" src=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/86490f07-f746-4ec1-88f9-5ab76deacd51.jpg\" width=\"946\"\/><\/p>\n<p>2. Create a blank app. Click on View -&gt; Data Sources. You should see this Custom Connector you just created in the list of data sources (If not, click on \u201cNew Connection\u201d and you\u2019ll see that connector). Click on the Custom Connector you just created. <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/b22897b9-fb34-45b5-919d-8386b88c4baa.jpg\"\/><\/p>\n<p>On click on this, your custom connector should be a Data Source in your App now. I see \u201cGraph\u201d as a data source now (this name came from the title given in the swagger file. Feel free to change that). <\/p>\n<p>3. For quick testing to see if you are getting the groups, insert a button control and OnSelect action of the button, put following formula:<\/p>\n<p>ClearCollect(MyGroups, Graph.ListUserGroups(User().Email).value) <br \/>Graph is the name of the data source (custom connector)<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/b212df91-b6a9-4262-8b9b-fac50eb16b14.jpg\"\/><\/p>\n<p>4. Preview the app and click on the button. Go back to design mode and check if the collection \u201cMyGroups\u201d has the list of the groups you are member of.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/f3f5843f-bc9c-4192-b780-2fb75af74584.jpg\"\/><\/p>\n<p>5. Getting some value in collection like above means you are able to successfully get the list of Groups, the signed in user is member of. You can now use this for setting visibility on or off of certain screens or controls. For example, if you have an Admin button on this screen, you can set the visible property of that Button to:<\/p>\n<p>If(&#8220;Administrator&#8221; in MyGroups.displayName, true, false)<\/p>\n<p>Note- in your application, you\u2019ll most likely not have any button to get the list of groups. You\u2019ll most like do this in the OnVisible event of your screen. <\/p>\n<h2>Conclusion<\/h2>\n<p>Hopefully this tutorial gives you a good overview of how to implement active directory group membership based permissions in your app. There are many steps involved here (incl. admin consent), so it\u2019s a long post. However following all these steps successfully will also give you good idea of how to implement any custom connector in your PowerApps environment and how to make use of different Graph APIs. <\/p>\n<p>Let us know your feedback and questions. Will be great if some of you can share your scenario or any additional tutorials you created on similar lines. <\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p>\n<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many times, you may want to make certain features or screens of your apps available only to the authorized people in your organization. For example, make Admin capabilities available only to the users who belong to an Active Directory Group \u201cProduct Admins\u201d or make some management views available to users belonging to the Active Directory Group \u201cManagers\u201d. In this blog post, I\u2019ll show you how you can find out the Active Directory group membership of any user and accordingly make decision to show\/ hide certain features.<\/p>\n","protected":false},"author":128,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","ms-ems-related-posts":[],"footnotes":""},"audience":[3378],"content-type":[3423],"job-role":[],"product":[3473],"property":[],"topic":[3421],"coauthors":[2133],"class_list":["post-141","post","type-post","status-publish","format-standard","hentry","audience-it-professional","content-type-tips-and-guides","product-power-apps","topic-application-modernization"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog\" \/>\n<meta property=\"og:description\" content=\"Many times, you may want to make certain features or screens of your apps available only to the authorized people in your organization. For example, make Admin capabilities available only to the users who belong to an Active Directory Group \u201cProduct Admins\u201d or make some management views available to users belonging to the Active Directory Group \u201cManagers\u201d. In this blog post, I\u2019ll show you how you can find out the Active Directory group membership of any user and accordingly make decision to show\/ hide certain features.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-apps\/implementing-role-based-permission\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Power Platform Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-12-04T19:38:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-11T15:10:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\" \/>\n<meta name=\"author\" content=\"Sudhesh Suresh\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sudhesh Suresh\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/v-sudhsu\/\",\"@type\":\"Person\",\"@name\":\"Sudhesh Suresh\"}],\"headline\":\"Implementing Role Based Security In Your PowerApps App\",\"datePublished\":\"2017-12-04T19:38:47+00:00\",\"dateModified\":\"2025-06-11T15:10:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\"},\"wordCount\":2111,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\",\"name\":\"Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\",\"datePublished\":\"2017-12-04T19:38:47+00:00\",\"dateModified\":\"2025-06-11T15:10:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage\",\"url\":\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\",\"contentUrl\":\"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Implementing Role Based Security In Your PowerApps App\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"name\":\"Microsoft Power Platform Blog\",\"description\":\"Innovate with Business Apps\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\",\"name\":\"Microsoft Power Platform Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"width\":194,\"height\":145,\"caption\":\"Microsoft Power Platform Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/person\/7b7c3e5574edf5f03e058368df690a78\",\"name\":\"Sudhesh Suresh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g8e045a6d604ea07d037d6fe3cdf2c23f\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g\",\"caption\":\"Sudhesh Suresh\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/v-sudhsu\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/","og_locale":"en_US","og_type":"article","og_title":"Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog","og_description":"Many times, you may want to make certain features or screens of your apps available only to the authorized people in your organization. For example, make Admin capabilities available only to the users who belong to an Active Directory Group \u201cProduct Admins\u201d or make some management views available to users belonging to the Active Directory Group \u201cManagers\u201d. In this blog post, I\u2019ll show you how you can find out the Active Directory group membership of any user and accordingly make decision to show\/ hide certain features.","og_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-apps\/implementing-role-based-permission\/","og_site_name":"Microsoft Power Platform Blog","article_published_time":"2017-12-04T19:38:47+00:00","article_modified_time":"2025-06-11T15:10:42+00:00","og_image":[{"url":"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png","type":"","width":"","height":""}],"author":"Sudhesh Suresh","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Sudhesh Suresh","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/v-sudhsu\/","@type":"Person","@name":"Sudhesh Suresh"}],"headline":"Implementing Role Based Security In Your PowerApps App","datePublished":"2017-12-04T19:38:47+00:00","dateModified":"2025-06-11T15:10:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/"},"wordCount":2111,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage"},"thumbnailUrl":"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/","name":"Implementing Role Based Security In Your PowerApps App - Microsoft Power Platform Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage"},"thumbnailUrl":"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png","datePublished":"2017-12-04T19:38:47+00:00","dateModified":"2025-06-11T15:10:42+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#primaryimage","url":"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png","contentUrl":"https:\/\/pwrappscdn.azureedge.net\/mediahandler\/blog\/media\/PowerApps\/blog\/2fdf6844-8088-499a-a0a7-0348a4d4ec41.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2017\/12\/04\/implementing-role-based-permission\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/"},{"@type":"ListItem","position":2,"name":"Implementing Role Based Security In Your PowerApps App"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","name":"Microsoft Power Platform Blog","description":"Innovate with Business Apps","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization","name":"Microsoft Power Platform Blog","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","width":194,"height":145,"caption":"Microsoft Power Platform Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/person\/7b7c3e5574edf5f03e058368df690a78","name":"Sudhesh Suresh","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g8e045a6d604ea07d037d6fe3cdf2c23f","url":"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/39a1d0832eaf32b921ff821aca5c3e7da192b47288e6f5998209ff9672e660a4?s=96&d=mm&r=g","caption":"Sudhesh Suresh"},"url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/v-sudhsu\/"}]}},"bloginabox_animated_featured_image":null,"bloginabox_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Power Platform Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/users\/128"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/comments?post=141"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/141\/revisions"}],"predecessor-version":[{"id":131148,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/141\/revisions\/131148"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/media?parent=141"}],"wp:term":[{"taxonomy":"audience","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/audience?post=141"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/content-type?post=141"},{"taxonomy":"job-role","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/job-role?post=141"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/product?post=141"},{"taxonomy":"property","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/property?post=141"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/topic?post=141"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/coauthors?post=141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}