Secure our 2-stage approval application using SharePoint & Power Apps & Power Automate

john john 1,021 Reputation points
2022-07-30T22:08:19.183+00:00

We have a travel request application, where a user submits a request that should go through 2 stages of approval before it gets Final Approval.

Now we did the following:

1) Created a SharePoint list which contains these fields: Title, Description, StareDate, EndDate, FirstApproval (the requestor's direct manager), SecondApproval (the requester's regional approval), Statues (system-generated with these options: open, first-approved, second-approved, Final-Approved).

2) Power Apps, which sends emails to the first-approval and the second-approval users, and shows/hides the Approved & Reject buttons based on the item status.

3) Power Automate, to set item-level permissions, so for example when the item needs first-approval only the approval's direct manager can edit the item, while all stakeholders can only read it.

Now the process is not 100% secure, as a requestor, using an API call or the SharePoint built-in forms, can easily create a new request and define its status as Final-Approved. In other words, the requestor can bypass the Power Apps business logic. So how can we secure our process, so that if an item has a status = "Final-Approved", we can be 100% sure that it actually went through the 2 approval users? Thanks


2 answers

  1. Anonymous
    2022-07-31T12:31:32.983+00:00

    Power Apps is not currently supported here on Q&A. The product group for Power Apps actively monitors questions over at
    https://powerusers.microsoft.com/t5/Power-Apps-Community/ct-p/PowerApps1

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  2. Rijwan Ansari 766 Reputation points MVP
    2022-07-31T13:31:13.037+00:00

    Hi @john john

    Please post the question in the Power Apps community.

    However, in your case, you can customize the list form using Power Apps and apply logic to show/hide/enable/disable fields/sections based on conditions.

    I have done something like that in this video.
    https://www.youtube.com/watch?v=vzi4NLvBxDY
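
For the question's concern that an item can be written directly with a Final-Approved status, one server-side check is to audit the item's version history rather than trust the status field alone. The sketch below is an added example, not code from this thread; the record layout, the service account name and the rule that the requestor cannot be one of the approvers are assumptions.

```python
# Added example: audit an item's version history (constructed records, not a
# real SharePoint API response) to confirm "Final-Approved" was reached through
# both approvers. Record keys and SYSTEM_ACCOUNT are assumptions.
SYSTEM_ACCOUNT = "flow-service@example.com"  # hypothetical account the flow runs as

# Allowed status transitions and the role that must have made each edit.
TRANSITIONS = {
    ("open", "first-approved"): "first_approval",
    ("first-approved", "second-approved"): "second_approval",
    ("second-approved", "Final-Approved"): "system",
}

def verify_final_approval(versions):
    """Return (ok, reason) for a list of versions ordered oldest to newest."""
    if not versions:
        return False, "no version history"
    first = versions[0]
    requestor, approvers = first["editor"], (first["first_approval"], first["second_approval"])
    if first["status"] != "open":
        return False, f"created with status {first['status']!r}"
    if requestor in approvers:  # assumed rule: no self-approval
        return False, "requestor is listed as an approver"
    prev = first
    for v in versions[1:]:
        if (v["first_approval"], v["second_approval"]) != approvers:
            return False, "approver fields changed after creation"
        if v["status"] != prev["status"]:
            role = TRANSITIONS.get((prev["status"], v["status"]))
            if role is None:
                return False, f"illegal transition {prev['status']} -> {v['status']}"
            expected = SYSTEM_ACCOUNT if role == "system" else v[role]
            if v["editor"] != expected:
                return False, f"{v['status']} set by {v['editor']}, expected {expected}"
        prev = v
    if prev["status"] != "Final-Approved":
        return False, f"final status is {prev['status']!r}"
    return True, "approved by both approvers"

def version(editor, status, fa="manager@example.com", sa="regional@example.com"):
    return {"editor": editor, "status": status, "first_approval": fa, "second_approval": sa}

# Constructed histories: a legitimate chain, and an item created as Final-Approved.
GOOD = [version("alice@example.com", "open"), version("manager@example.com", "first-approved"),
        version("regional@example.com", "second-approved"), version(SYSTEM_ACCOUNT, "Final-Approved")]
BYPASS = [version("alice@example.com", "Final-Approved")]
```

A scheduled job or flow could run a check like this over every item whose status is Final-Approved and flag the ones that fail.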

