{"id":756,"date":"2019-01-30T08:00:00","date_gmt":"2019-01-30T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/"},"modified":"2025-06-11T08:05:23","modified_gmt":"2025-06-11T15:05:23","slug":"advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/","title":{"rendered":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &#038; SharePoint Groups"},"content":{"rendered":"<p>What&#8217;s up Flow Fans!?<\/p>\n<p>Our FOTW This week comes from Geetha Sivasailam.<\/p>\n<p>Geetha is a Collaboration &amp; Custom App Dev consultant with Artis Consulting (<a href=\"http:\/\/www.artisconsulting.com\/\">http:\/\/www.artisconsulting.com\/<\/a>\u00a0) a Microsoft Partner, delivering business solutions leveraging O365, Microsoft Business Applications, Custom App Dev implementations and various emerging technologies.\u00a0 She is a Power Platform enthusiast and is passionate about enabling others to expand their possibilities and act more effectively with emerging tools, trends and technologies. Follow her on twitter (<a href=\"https:\/\/twitter.com\/GSiVed\">https:\/\/twitter.com\/GSiVed<\/a>\u00a0) or on <a href=\"https:\/\/svaghub.wordpress.com\/about\/\">her Blog<\/a><\/p>\n<p>With no further adieu, here is her post!<\/p>\n<p><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\"><b><\/b>Enabling role based security in PowerApps controlled by SharePoint Security Groups has been a common customer ask.\u00a0For example, can you make an Admin screen that is visible only to users who belong to a specific SharePoint Security Group? Yes, you can and this is where Microsoft Flow comes to the rescue!<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">This blog post is an attempt to share an approach for finding out the SharePoint Group membership of a signed in user and\u00a0make certain features or screens of an app available to them.<\/span><br \/>\n<b><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #444444; font-family: 'inherit',serif; font-size: 20.5pt;\">Prerequisites<\/span><\/b><b><\/b><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Create a SharePoint security group with members that you would want to use for role based security in your PowerApps App and navigate to the group settings .<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-757\" height=\"201\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg\" width=\"329\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/1.jpg 329w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/1-300x183.jpg 300w\" sizes=\"auto, (max-width: 329px) 100vw, 329px\" \/><\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\"><br \/>\nAnd enable \u201cEveryone\u201d access to view the members of this group<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-758\" height=\"82\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/2.jpg\" width=\"698\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/2.jpg 698w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/2-300x35.jpg 300w\" sizes=\"auto, (max-width: 698px) 100vw, 698px\" \/><br \/>\n<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">We will be creating a Flow to check group membership using a SharePoint HTTP REST call. Users triggering the Flow from your app may not necessarily have admin privileges to read group membership details. To enable all users to read group membership it is necessary to allow \u201cEveryone\u201d to view\u00a0members of the security group.<\/span><br \/>\n<b><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #444444; font-family: 'inherit',serif; font-size: 20.5pt;\">Steps<\/span><\/b><b><\/b><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Create a blank flow using a Site Collection Admin\/Flow owner account.<\/span><\/li>\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Add a PowerApps Trigger step so you can call this Flow from the app. Then add an Initialize variable step to store a boolean value (IsAdministrator). Next add another Initialize variable step with a string variable (UserGroupInfo) to store the user group information we will be retrieving in the next step.<\/span><\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-759\" height=\"287\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/3.jpg\" width=\"381\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/3.jpg 381w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/3-300x226.jpg 300w\" sizes=\"auto, (max-width: 381px) 100vw, 381px\" \/><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Search for \u2018Send an HTTP request to SharePoint\u2019 action under SharePoint actions and add it. Now let\u2019s configure this action to make a SharePoint REST call to determine user group membership.<\/span><\/li>\n<\/ul>\n<p><b><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Site Address<\/span><\/b><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">: Select the site collection where your SharePoint Security group exists<\/span><br \/>\n<b><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Method<\/span><\/b><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">: Get<\/span><br \/>\n<b><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Uri<\/span><\/b><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">: api\/web\/sitegroups\/getByName(\u2018SP Group Name\u2019)\/Users?$filter=Email eq \u2018\u2019<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Replace \u2018SP Group Name\u2019 with your group name. Place cursor in between the single quotes after $filter=Email eq and select \u2018Ask In PowerApps\u2019 under manual content. This will auto generate a variable name that will be used as an input parameter for this Flow. The goal here is to pass the logged in user\u2019s email id as a parameter from PowerApps to Flow.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Below is how the action looks after configuration. \u2018RequestAdmins\u2019 is the SharePoint User Group I used for this example.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-760\" height=\"199\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/4.jpg\" width=\"676\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/4.jpg 676w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/4-300x88.jpg 300w\" sizes=\"auto, (max-width: 676px) 100vw, 676px\" \/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">This REST call will return an empty object if the user is not member of the group.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-761\" height=\"101\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/5.jpg\" width=\"145\"\/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">It will return an object with User properties in the following format if the user is a member of the group.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignleft size-full wp-image-762\" height=\"507\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/6.jpg\" width=\"402\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/6.jpg 402w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/6-238x300.jpg 238w\" sizes=\"auto, (max-width: 402px) 100vw, 402px\" \/><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Now that we have an output from the REST call above, we can parse it to extract the results section. Add a \u2018Set Variable\u2019 action to set the variable \u2018UserGroupInfo\u2019 created earlier with the value set to expression\u00a0<b>body(<\/b>\u2018CheckUserGroup\u2019<b>)<\/b>[\u2018d\u2019][\u2018results\u2019]<\/span><\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-763\" height=\"191\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/7.jpg\" width=\"676\"\/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Here \u2018CheckUserGroup\u2019is the name of the previous action. If your action name has spaces, replace the spaces with underscore (_) character. At this stage, we have extracted the results which can be used to determine if the User is a member of the group.<\/span><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Add a \u2018Condition\u2019 step to evaluate the results value. If the results object is empty then the user is not a member.<\/span><\/li>\n<\/ul>\n<p><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Use the expression @not(equals(variables(\u2018UserGroupInfo\u2019), \u2018[]\u2019)) to evaluate the object.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">\u2018UserGroupInfo\u2019 is the variable used to store the object value and \u2018[]\u2019 compares to an empty object.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Set the variable \u2018IsAdministrator\u2019 that was initialized earlier to true if the condition evaluated to be true. If not, set it to be false.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-764\" height=\"266\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/8.jpg\" width=\"676\"\/><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">One final step in the flow would be to pass the results of our user group membership check back to PowerApps as an output parameter that can be used to enable certain features of the app for the logged in user. Add \u2018Respond to PowerApps\u2019 action and choose a text output. An output of type boolean would have been ideal but is not available at this time and we\u2019ll stick to a text output. Provide a name for the text output parameter (I used \u2018IsAdminUser\u2019) and set the value to variable \u2018IsAdministrator\u2019.<\/span><\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-765\" height=\"172\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/9.jpg\" width=\"561\"\/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Here\u2019s how entire Flow looks like and it\u2019s time to save it and see it in action.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-766\" height=\"386\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/10.jpg\" width=\"715\"\/><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Now that we have Flow ready, let\u2019s implement and test it on the app. Navigate to your PowerApps app, create a new blank screen, click on Properties dropdown and select the \u2018OnVisible\u2019 event of the screen. Next click on the \u2018Action\u2019 tab and select \u2018Flows\u2019. Select the Flow you created to add it to the formula bar\u00a0to associate the Flow to the \u2018OnVisible\u2019 event of the screen. Type the below functions on the \u2018OnVisible\u2019 formula bar.<\/span><\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-767\" height=\"365\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/11.jpg\" width=\"457\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/11.jpg 457w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/11-300x240.jpg 300w\" sizes=\"auto, (max-width: 457px) 100vw, 457px\" \/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">First we are creating a variable (isAdmin) to store the user group membership status in Boolean format and setting the default value to be false. Next we are triggering the Flow ( \u2018CheckUserPermission\u2019 is the name of the Flow I created) and passing in an encoded format of the current logged in user\u2019s email as the input parameter.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">The output returned from Flow is being stored in a variable \u2018UserGroupInfo\u2019. Lastly, we are validating the value of the output parameter \u2018isadminuser\u2019 we configured earlier and setting the \u2018isAdmin\u2019 variable with Boolean equivalent.<\/span><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Drop a button on the screen and set the \u201cVisible\u2019 property of the button to variable \u2018isAdmin\u2019. This will show\/hide the button based on the value of the variable. You can set the \u2018OnSelect\u2019 event of the button to navigate to an Admin Only Screen.<\/span><\/li>\n<\/ul>\n<p><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">And we are done! Publish the app and run. If all goes well, you should see that the flow ran successfully.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">On the app side, Flow is triggered (when the screen is visible) with the current user\u2019s encoded email id as the input parameter which in turns makes a SharePoint Rest Call to determine the user\u2019s membership.It returns a Text output of value \u201cTrue\u201d or \u201cFalse\u201d. The app then validates the returned value and shows\/hides the button based on the user\u2019s group membership.<\/span><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Here\u2019s how my sample app looks like if the current user is an admin:<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-768\" height=\"276\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/12.jpg\" width=\"492\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/12.jpg 492w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/12-300x168.jpg 300w\" sizes=\"auto, (max-width: 492px) 100vw, 492px\" \/><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">If the current user is not an admin then the admin button is hidden.<\/span><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"alignnone size-full wp-image-769\" height=\"281\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/13.jpg\" width=\"500\"\/><br \/>\n<b><span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Resources<\/span><\/b><br \/>\n<span style=\"margin: 0px; color: #444444; font-family: 'inherit',serif; font-size: 13.5pt;\">Here are some resources I found to be very useful to help design this solution:<\/span><\/p>\n<ul type=\"disc\">\n<li style=\"background: #fcfcfc; margin: 0px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">Doctor Flow\u2019s\u00a0<\/span><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #10759c; font-family: 'inherit',serif; font-size: 13.5pt;\"><a href=\"https:\/\/sergeluca.wordpress.com\/tag\/sharepoint-rest-api-flow\/\">post<\/a><\/span><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">\u00a0how you can use SharePoint REST APIs in Flow<\/span><\/li>\n<li style=\"background: #fcfcfc; margin: 0px 0px 10.66px; color: #444444; line-height: normal; font-family: 'inherit',serif; font-size: 13.5pt; font-style: normal; font-weight: 400; vertical-align: baseline;\"><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">For those interested in the SharePoint REST\/OData API, you can find the complete set of REST\/OData APIs\u00a0<\/span><span style=\"margin: 0px; padding: 0in; border: 1pt windowtext; color: #10759c; font-family: 'inherit',serif; font-size: 13.5pt;\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/sharepoint\/dev\/sp-add-ins\/get-to-know-the-sharepoint-rest-service\">here<\/a><\/span><span style=\"margin: 0px; font-family: 'inherit',serif; font-size: 13.5pt;\">.<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000; font-family: Calibri;\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Enabling role based security in PowerApps controlled by SharePoint Security Groups has been a common customer ask. For example, can you make an Admin screen that is visible only to users who belong to a specific SharePoint Security Group? Yes, you can and this is where Microsoft Flow comes to the rescue!<br \/>\nThis blog post is an attempt to share an approach for finding out the SharePoint Group membership of a signed in user and make certain features or screens of an app available to them.<\/p>\n","protected":false},"author":348,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","ms-ems-related-posts":[],"footnotes":""},"audience":[3378],"content-type":[],"job-role":[],"product":[3474],"property":[],"topic":[],"coauthors":[2899],"class_list":["post-756","post","type-post","status-publish","format-standard","hentry","audience-it-professional","product-power-automate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &amp; SharePoint Groups - Microsoft Power Platform Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &amp; SharePoint Groups - Microsoft Power Platform Blog\" \/>\n<meta property=\"og:description\" content=\"Enabling role based security in PowerApps controlled by SharePoint Security Groups has been a common customer ask. For example, can you make an Admin screen that is visible only to users who belong to a specific SharePoint Security Group? Yes, you can and this is where Microsoft Flow comes to the rescue! This blog post is an attempt to share an approach for finding out the SharePoint Group membership of a signed in user and make certain features or screens of an app available to them.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Power Platform Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-30T16:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-11T15:05:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"329\" \/>\n\t<meta property=\"og:image:height\" content=\"201\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jonathon Levesque\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jonathon Levesque\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/jonathon-levesque\/\",\"@type\":\"Person\",\"@name\":\"Jonathon Levesque\"}],\"headline\":\"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &#038; SharePoint Groups\",\"datePublished\":\"2019-01-30T16:00:00+00:00\",\"dateModified\":\"2025-06-11T15:05:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\"},\"wordCount\":1185,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg\",\"keywords\":[\"Flow of the Week\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\",\"name\":\"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow & SharePoint Groups - Microsoft Power Platform Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg\",\"datePublished\":\"2019-01-30T16:00:00+00:00\",\"dateModified\":\"2025-06-11T15:05:23+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage\",\"url\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg\",\"contentUrl\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &#038; SharePoint Groups\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"name\":\"Microsoft Power Platform Blog\",\"description\":\"Innovate with Business Apps\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\",\"name\":\"Microsoft Power Platform Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"width\":194,\"height\":145,\"caption\":\"Microsoft Power Platform Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/person\/017e233f3881f5857f3e7f6f221ef772\",\"name\":\"Jonathon Levesque\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g42ef9de3d3e22347884fca1cf41497c5\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g\",\"caption\":\"Jonathon Levesque\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/jolevesq\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow & SharePoint Groups - Microsoft Power Platform Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/","og_locale":"en_US","og_type":"article","og_title":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow & SharePoint Groups - Microsoft Power Platform Blog","og_description":"Enabling role based security in PowerApps controlled by SharePoint Security Groups has been a common customer ask. For example, can you make an Admin screen that is visible only to users who belong to a specific SharePoint Security Group? Yes, you can and this is where Microsoft Flow comes to the rescue! This blog post is an attempt to share an approach for finding out the SharePoint Group membership of a signed in user and make certain features or screens of an app available to them.","og_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/","og_site_name":"Microsoft Power Platform Blog","article_published_time":"2019-01-30T16:00:00+00:00","article_modified_time":"2025-06-11T15:05:23+00:00","og_image":[{"width":329,"height":201,"url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/01\/1.jpg","type":"image\/jpeg"}],"author":"Jonathon Levesque","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jonathon Levesque","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/jonathon-levesque\/","@type":"Person","@name":"Jonathon Levesque"}],"headline":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &#038; SharePoint Groups","datePublished":"2019-01-30T16:00:00+00:00","dateModified":"2025-06-11T15:05:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/"},"wordCount":1185,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage"},"thumbnailUrl":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg","keywords":["Flow of the Week"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/","name":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow & SharePoint Groups - Microsoft Power Platform Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage"},"thumbnailUrl":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg","datePublished":"2019-01-30T16:00:00+00:00","dateModified":"2025-06-11T15:05:23+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#primaryimage","url":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg","contentUrl":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/01\/1.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/2019\/01\/30\/advanced-flow-of-the-week-role-based-security-in-powerapps-using-flow-sharepoint-groups\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/"},{"@type":"ListItem","position":2,"name":"Advanced | Flow of The Week: Role Based Security in PowerApps using Flow &#038; SharePoint Groups"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","name":"Microsoft Power Platform Blog","description":"Innovate with Business Apps","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization","name":"Microsoft Power Platform Blog","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","width":194,"height":145,"caption":"Microsoft Power Platform Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/person\/017e233f3881f5857f3e7f6f221ef772","name":"Jonathon Levesque","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g42ef9de3d3e22347884fca1cf41497c5","url":"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/41fc5b54c4eaedb81f310f27ac37ee7ddeb02a9c5a0fe4616693f664bd6a1d7c?s=96&d=mm&r=g","caption":"Jonathon Levesque"},"url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/author\/jolevesq\/"}]}},"bloginabox_animated_featured_image":null,"bloginabox_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Power Platform Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/users\/348"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/comments?post=756"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/756\/revisions"}],"predecessor-version":[{"id":130958,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/posts\/756\/revisions\/130958"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/media?parent=756"}],"wp:term":[{"taxonomy":"audience","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/audience?post=756"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/content-type?post=756"},{"taxonomy":"job-role","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/job-role?post=756"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/product?post=756"},{"taxonomy":"property","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/property?post=756"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/topic?post=756"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/coauthors?post=756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}