Restrict Web Access to SharePoint List

von riccohippin PowerApps, SharePointan Veröffentlicht am

Blocking web access to a SharePoint list in favor of a PowerApp offers improved security, streamlined user experience, and enhanced performance. By channeling all interactions through the app’s controlled environment, sensitive data remains protected, while users benefit from a seamless, efficient interface designed for optimal productivity. This approach ensures a robust and effective data management system.

Why do we need to block?

When developing a PowerApp with a SharePoint list, allowing users to access the list through web browsers may lead them to bypass the PowerApp altogether. This can result in potential security risks, as users could freely view and manipulate list records if proper access controls are not in place. To prevent this, it’s essential to restrict web access to the SharePoint list and ensure that users interact exclusively through the PowerApp interface.

But it isn’t that forward to restrict access to the List via Webbrowser and maintain the access via the PowerApp.

Step by Step

Prerequisite

  • A PowerApp Connected with the SharePoint List
  • A SharePoint Site (Communication NOT Team)
  • Be Owner of the SharePoint Site
  • (Optional) Test-User

Step 1: Enabled Lockdown Mode

  1. Go to your SharePoint Site
  2. Site Contents -> Site Settings
  3. Under Site Collection Administration select Site collection features
  4. Scroll down until Limited-access user permission lockdown mode
  5. Activate the setting

To make it work now you have to edit the permissions.

Step 2: Create new Permission Level

  1. Click the Gear Icon at the top right
  2. Select Site Permissions
  3. Select Advanced permissions settings
  4. Select Permission Levels
  5. Select the Contributer Level
  6. Scroll down and press Copy Permission Level
  7. Enter a Name for the Permission Level
  8. Deselect View Application Pages under List Permissions
  9. Save it

The last step would be assigning the new Permission Level als Standard Level for Site Members.

Step 3: Assign Permission Level to Members

  1. Go to the Advanced Permission Settings
  2. Select the Member Group
  3. Edit Permissions
  4. Select the newly created Permission Level
  5. Save it

Conclusion

The new Permission Level has been successfully created and assigned to the members. As a result, members now have access to the SharePoint base URL (e.g., contenso.sharepoint.com/sites/Testsite). However, when they attempt to open a list in the browser, they are prompted with an „Access denied“ message.

Despite this, they can still use the PowerApp without encountering any issues, providing the advantage of being able to control the specific content they are allowed to view through the PowerApp interface.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert