web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / SQL Injection: Prevent...
Power Apps
Suggested Answer

SQL Injection: Preventing Sensitive Data Exposure in PowerApps - Masking Headers: x-ms-request-url

(0) ShareShare
ReportReport
Posted on by darkhorse12 26
I’m working on securing PowerApps connections to SQL databases but noticed sensitive information like x-ms-request-url could potentially be exposed, raising concerns about SQL injection risks. While PowerApps is known for its security, I believe there must be a way to prevent these headers from being exposed. Has anyone used Azure API Management (APIM) or Content Security Policy (CSP) for masking headers or preventing potential vulnerabilities? Any suggestions or best practices would be greatly appreciated!

sqlInjection.png
Categories:
Connector development
I have the same question (0)
  • Suggested answer
    SaiRT14 Profile Picture
    SaiRT14 1,990 Super User 2025 Season 2 on at
    Here are the best practices:
     
    APIM acts as a gateway between your PowerApps and SQL databases, enabling you to control, mask, or block sensitive headers.
    Ensure that SQL queries in PowerApps, especially in custom connectors or flows, use parameterized queries:
    Instead of storing connection credentials, use Azure Managed Identity to authenticate PowerApps with SQL databases.
    Ensure SQL endpoints are only accessible from trusted IP ranges or services like APIM.
     
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 477 Most Valuable Professional

#2
MS.Ragavendar Profile Picture

MS.Ragavendar 254 Super User 2025 Season 2

#3
Kalathiya Profile Picture

Kalathiya 245

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans