Feedback by UserVoice

How can we improve compliance or protect your users better in Office 365?

← Office 365 Security & Compliance

SharePoint list connected Flow and PowerApp creation security requirements need fixing

SharePoint list management permissions appear to be ignored by Flow. A user should not be able to create and save a flow connected to a list if they cannot create a standard workflow on that list. This could allow a user to hack around a standard workflow that is supposed to handle stages of approval, etc, by creating a flow to update fields.

A user without appropriate permissions to create a list form should not be able to create a PowerApp for a SharePoint list.

14 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Dan C shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

Office 365 Security & Compliance: Advanced Security Management

Categories

Feedback and Knowledge Base

(thinking…)

Related Sites