Disable The Power Apps Permissions Pop-Up (Bypass Consent Form)

Disable The Power Apps Permissions Pop-Up (Bypass Consent Form)

When a user opens the Power Apps canvas app for the first-time they see a message “Almost there… the app needs your permission to use the following. Please allow the permissions to proceed.” This is potentially confusing to the user because they are not sure what they are approving. In this article, I will show you how to disable the Power Apps permissions pop-up and make it stop appearing for users.

Table of Contents
• Introduction: The Power Apps Permissions FormWrite A PowerShell Cmdlet To Bypass The Power Apps Permissions FormGet The Power Platform Environment IDObtain The Canvas App Unique IDOpen Windows PowerShell In Administrator ModeOptional Step: Install The Power Apps Administration Power Shell ModuleEnter The PowerShell Cmdlet To Bypass ConsentTest The Power Apps Canvas App To Ensure The Permissions Form Is Turned Off

A user opening a Power Apps canvas app sees this pop-up known as the Power Apps consent form. It asks the user permission to create a new connection to the online services used in the app. We want to prevent this form from showing.

We can use a PowerShell cmdlet to make the Power Apps consent form stop appearing. To do this, we will need to obtain the environment name GUID, the app name GUID and then use them in the PowerShell cmdlet below.

Set-AdminPowerAppApisToBypassConsent -EnvironmentName [Guid] -AppName [Guid]




Get The Power Platform Environment ID

To find the Power Platform environment ID for app the app open make.powerapps.com and navigate the environment where the app is located. Then go to the Settings menu and select Developer resources.



Copy the Environment ID from the Developer resources menu…



…and paste it into Windows notepad for safe-keeping until we need it.

Default-f1b8b509-50a4-4a5c-8e48-bf3d3e7c10ed




Obtain The Canvas App Unique ID

Next, we will get the canvas app unique ID. Click the three dots beside the canvas app and then select Details.



Copy the App ID from the Details menu…



…and paste it into notepad alongside the Environment ID.

9a6d22d6-79a2-4d32-8abd-747a1d8ebcb0




Open Windows PowerShell In Administrator Mode

Go to the Windows start menu and search for Windows Powershell. Run Windows PowerShell as an administrator. There will likely be multiple versions of PowerShell installed on your machine. Ensure you select the proper one.




Optional Step: Install The Power Apps Administration Power Shell Module

If you have never used a Power Apps Administration PowerShell cmdlet before you will need to install the module.



Type these commands into the PowerShell console. Enter a username and password when the Microsoft 365 login prompt appears.

Install-Module -Name Microsoft.PowerApps.Administration.PowerShell
Install-Module -Name Microsoft.PowerApps.PowerShell -AllowClobber

Once the Power Apps administration library is installed we can input the cmdlet to bypass the consent form.



Write this PowerShell command in the console. Supply the environment name and app name GUIDs we gathered earlier in the tutorial>

Set-AdminPowerAppApisToBypassConsent -EnvironmentName Default-f1b8b509-50a4-4a5c-8e48-bf3d3e7c10ed -AppName 9a6d22d6-79a2-4d32-8abd-747a1d8ebcb0



Run the command by pressing enter. The PowerShell console should look like this if the command executed successfully.

To test that the permissions form is no longer appearing to end-users, ask a user who is seeing the prompt to play the app.



If the permissions form does not appear then we can confirm that the user is no longer required to give consent.





Questions?

If you have any questions or feedback about Disable The Power Apps Permissions Pop-Up (Bypass Consent Form) please leave a message in the comments section below. You can post using your email address and are not required to create an account to join the discussion.

Matthew Devaney

Subscribe
Notify of
guest

60 Comments
Oldest
Newest
Inline Feedbacks
View all comments
Peter C.
Peter C.
1 year ago

Hey Matt, just a heads up. This doesn’t work for all connectors. It should work for all Microsoft connectors. Spatial Services for example is provided by Tom Tom and cannot be bypassed.

Dillion C
Dillion C
1 year ago

Is there a way to apply this to other connectors?

Bill Young
Bill Young
1 year ago

My view is that this shouldn’t be a thing but rather that we should be able to append to or amend the message provided. Being able to provide a link to a page qualifying the security issues would be significantly better than the current options of on or ‘off via powershell’
Great post, though, Matt, as always

Last edited 1 year ago by Bill Young
Niels
Niels
1 year ago

This requires you to be an Office 365 Global admin, right?

Jean-Paul
Jean-Paul
1 year ago

Does this also work for Power Automate flows that are triggered via a selected SharePoint item?

Valerie Fahel-Schaffer
Valerie Fahel-Schaffer
1 year ago

Thanks, Matthew! I wish there was a way to do a loop where it pulls in all the App IDs in an environment and disables the consent form. Sigh.

Vits
Vits
1 year ago

Hello,
Thank you for this.
I ran the PS cmd first time it stated:
WARNING: The names of some imported commands from the module ‘Microsoft.PowerApps.AuthModule’ include unapproved verbs that might make them less discove
rable. To find the commands with unapproved verbs, run the Import-Module command again with the Verbose parameter. For a list of approved verbs, type Ge
t-Verb.
but still got the status code 200
When testing I still got prompted SP permissions.
So I reran the PS script but got a 204:
StatusCode    : 204
StatusDescription : No Content
Content      : {}
RawContent    : HTTP/1.1 204 No Content

Stephens
Stephens
8 months ago
Reply to  Vits

I am getting the 204 status code now too. When I ran it the first time, it worked great. When I run it for a second app, I get 204.

Nic
Nic
1 year ago

We did this last year for a new Power App that was launched for all of our users to use…A large number of our personnel work out in the field and are not used to being logged into Office 365 for their day-to-day work (we don’t have mobile access yet for security reasons) – and those users ran into issues because they weren’t already logged into those data connections. So bypassing the screen didn’t give them a chance to log in before clicking the “Allow” button and then the app would try to load but give error messages. Now that our agency has been using SharePoint Online more and more, I haven’t heard of this still being much of an issue – maybe our IT people figured out a way to incorporate the single sign on with this bypass step so that it’ll automatically log people in AND bypass the message? I don’t know. But just wanted to mention it in case others run into issues.

Guillaume
Guillaume
1 year ago
Reply to  Nic

Hi Matthew,

If you disable the consent form for an app developed in a dev environment, as part of a solution, and then you export the solution to a test or Prod environment, does this consent form need to be disabled again for the app in the target environments?

Justin L
Justin L
1 year ago
Reply to  Nic

So, essentially, if the user has already connected to the needed connectors, this should work, but if they haven’t, we are likely to run into issues?

Lorenzo P
Lorenzo P
5 months ago

Hi! My Almost There screen removed a lot of the connectors except for Approvals, DocuSign, and Content Conversion. Are all 3 of these not M365 connectors?

Meena
Meena
1 year ago

Hey Matt,

What will be roll back plan if any issue happens after applying the changes for disabling the power apps permission pop up?

Last edited 1 year ago by Meena
Yogi
Yogi
1 year ago

This one is good

Anthony Charles
Anthony Charles
1 year ago

Your content is always great, always relevant, and well explained. Thank you!

Ciarán
Ciarán
1 year ago

Is this a run-once / permanent change or will I need to re-run the scripts again after a certain period of time? Thanks.

Ciarán
Ciarán
1 year ago

Thanks Matthew.

Alex
Alex
1 year ago

In our dev, we ran into an issue when a user was asked every time he launched the app. What would cause that?

Brett Ross
Brett Ross
1 year ago

When I run this, I get the error below. Any idea why?

Invoke-WebRequest : {“error”:{“code”:”BusinessAppPlatformRequestFailed”,”message”:”The request failed with client
error: ‘The environment ” could not be found in the tenant ‘<my tenant id>‘. The correlation
Id is ‘57397322-dea5-4ba5-98ff-d7df1cbd5e0d’.”,”details”:[{“code”:”MultipleErrorsOccurred”,”message”:”Multiple errors
occurred. Please see details.”,”details”:[{“code”:”EnvironmentNotFound”,”message”:”The environment ” could not be
found in the tenant ‘<my tenant id>‘.”}]},{“code”:”FullNonLocalizedError”,”message”:”{\”error\”:{
\”code\”:\”EnvironmentNotFound\”,\”message\”:\”The environment ” could not be found in the tenant
<my tenant id>‘.\”}}”}]}}
At C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerApps.Administration.PowerShell\2.0.170\Microsoft.PowerApps
.RestClientModule.psm1:80 char:25
+ … $response = Invoke-WebRequest -Uri $Uri -Headers $Headers -Method $Me …
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo     : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc
  eption
  + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Timmy
Timmy
6 months ago
Reply to  Brett Ross

Did you ever resolve this issue?

Timmy
Timmy
5 months ago
Reply to  Timmy

Resolved this. Additional steps were required running this in the GCC (government) cloud environment

Anonymous
Anonymous
5 months ago
Reply to  Timmy

Care to share what steps you took? Running into similar issues.

Brett Ross
Brett Ross
2 months ago
Reply to  Timmy

I never did resolve this. What additional steps did you take? I’m in the GCC cloud as well.

Alfwyn
Alfwyn
2 months ago
Reply to  Brett Ross

For GCC needed to modify the Add Account cmdlet, see the following for more info: https://github.com/microsoft/Federal-Business-Applications/blob/main/demos/powershell-gov-samples/README.md#power-apps

LRas
LRas
2 months ago
Reply to  Alfwyn

Thank you for sharing the link, very helpful

Samir Patel
Samir Patel
2 months ago
Reply to  Brett Ross

Can you please also help me resolve this I am also using the GCC cloud and I am not able to resolve this issue.

Sunny P.
Sunny P.
2 months ago
Reply to  Brett Ross

use the following command before running the last command:::

Add-PowerAppsAccount -Endpoint “usgov”

LRas
LRas
2 months ago
Reply to  Sunny P.

It worked for me using this command. Thank you so much!

Data
Data
11 months ago

From a Data Privacy perspective, shouldn’t users have transparency to see what permissions they are granting to the Power App before they use the App?

Venkata Rami
Venkata Rami
9 months ago

Hello,

I have used same bove approach to bypass the sig-in, but for MSN weather apps not working, it would be great if we get any help on saem?

Dana Evans
Dana Evans
9 months ago

I ran the Powershell script to bypass consent form but users are still getting the prompt for Microsoft Entra. Any ideas on how to bypass that consent? Does that need done in the Entra Admin Center?

Jase
Jase
3 months ago
Reply to  Dana Evans

Did you find an answers to this?

Last edited 3 months ago by Jase
Leo
Leo
1 month ago
Reply to  Jase

Were you able to find out?

Saraswathy K
Saraswathy K
9 months ago

Hi Matthew,

Hope you are doing well. Thank you for the Great Article. I have followed the exact steps and the PowerShell Command was successful.

But still I am unable to get rid of that Permission Pop-up for the below connectors( This issue persists for both External and Internal users)

Looking for your response at the earliest.

Thank you!!!!

Permission screenshot.JPG
Robin Roy
Robin Roy
8 months ago

Hi Matt,

Could you please let me know what is the minimum permission level required to be able to successfully execute the command?

David Cartwright
David Cartwright
8 months ago

Will this work for a Model Driven App? If not, is there an equivalent for an MDA? Thanks in advance.

Phill Harris
Phill Harris
6 months ago

Thanks for this Matthew. I applied the PowerShell command to a custom PowerApps SharePoint list form–it is not a Power App per se. I thought it seemed to work. The App ID I used in the script is from a Settings page I see while the custom form is being edited. I tried the fix with a generic tenant account and while a little clunky, it eventually bypassed the permissions prompt. However, another user still gets the prompt regardless. Any thoughts on why she is still getting it?