Automating the Provisioning of Selective Teams with Guest Access: Part 4— Enhanced User Interface with Power Apps and Teams

Series Contents

• Introduction
• History & Background
• Part 1: Application Authentication — Azure AD Application Registrations
• Part 2: Request Storage — SharePoint
• Part 3: Request Process Automation — Microsoft Power Automate & Microsoft Graph
• Part 3.5: Flow Enhancements
• Part 4: Enhanced User Interface — PowerApps and Teams (you are here)
• Part 4.1: Governing the ‘Viral’ Creation of Teams
• Part 5: Next Steps — Security

Bringing it all together

In this article, we show off how we bring all the parts of our solution together in a location that can be used by all.

New Teams Request Demo

To bring all of our earlier work together, we utilize a canvas-based Power App as the interface to provide the request. Because we want to provide a common location that is available to all across the organization we embed it in Teams.

Embedding a Power App in Teams is one of the most powerful ways to provide additional capabilities or applications, to individuals in your organization, without making them leave the work that they’re already doing in Teams. Apps can be added as individual tabs in Team Channels, but in our case, because it’s org-wide, we add it to the left rail for everybody.

Walkthrough

The video above shows a split-screen view of the requester (left) and their manager (right). The request process:
1. Receives the request
2. Notifies the requester that they submitted a request for a Team via a 1:1 chat message in Teams
3. Send an Approval request to the person’s manager via a 1:1 chat message in Teams
4. Provision the Team if approved, and provide notifications of the process via 1:1 chat messages in Teams (or provides rejection notifications if rejected)

App Construction

The application is a relatively simple one. Below is a high-level path to constructing it and not a step-by-step/detailed walkthrough. But, with the information below, and the video above, it shouldn’t be too hard to create your own.

• The app, called New Team, was created as a Canvas app using the Blank app template with the Tablet layout
• Connect it to the SharePoint Connector in your Data Sources, and wire it up to your SharePoint List (Team Requests)
• The event to submit your data back into SharePoint is the SubmitForm(formname) event. Place this on the OnSelect event of your submit button
• The event to clear your form data is the ResetForm(formname) event. Place this on the OnSelect event of your clear button
• Change the various properties to the objects to match your branding desires, company brand compliance, etc.

App Installation into Teams

One of the most recent enhancements to the platform has been how to add a Power App to Teams. When you select your app in the apps list, you can then click the Add to Teams button.

Clicking this button will create the application package (in a .zip file) and download it to your local machine.

From here, you can go to the listing of all your apps in Teams, and, if you have the proper permissions, upload it here for your organization.

Once added, individuals will then see the app on the left rail. And the visibility of these applications can be controlled by Teams App Setup Policies, allowing you to target them to specific groups/people.

Conclusion…

So, that was a bit of a journey in how to provide a more governed process for the creation of Teams, while also providing enhanced capabilities like per-Team Guest Access. And, we rolled all that together in a Power App that we embedded in Teams for all people to access.

…or is it?

So, we just created a process that allows us to invite Guests into our tenant while also providing the ability to scope that guest access on a per-Team basis. But, we also just allowed guests to be invited in and collaborate without any rules around them. How do we protect our information? How do I know if a Guest is still allowed in? How do I prevent a Guest from taking information out? In layman’s terms, we just gave a guest a key to our house, how do I keep them from leaving with my stuff?

Next Step: Security and Compliance

We have a very robust set of services within Office 365 that provides us the ability in insert security and compliance rules around our information, to make sure it’s safe, protected, and secure. In the next article in the series, we’ll talk about a few of the ways to protect your information, so people can be productive, while still keeping your information safe.