Power Apps Connection Storage Dive into Secure Mechanisms

Understanding Power Apps Storage: Where are Connection Credential Details Stored?


Power Apps has revolutionized the way businesses connect with external data sources. One common question that arises is: Where does Power Apps store connection credential details? In this article, we will delve into the technicalities of Power Apps’ connection mechanisms and shed light on its secure storage methods. For anyone seeking comprehensive technical support or further assistance, don’t hesitate to contact us.

Many Power Apps developers understand that when creating a connection to an external data source, the credentials are stored securely in the cloud. For the majority, this knowledge suffices. However, for those curious minds who want to delve deeper into the mechanism, read on.

Understanding the Connection Mechanism

At its core, the connection process involves certain components that regular app builders might be familiar with:

  • Connector: This is essentially a formal definition of a REST API that empowers app builders to use REST APIs via Power Apps.
  • Connection: This represents a runtime instance of a connector. When a connection is made from Power Apps to an external source, a unique “Connection ID” is generated that symbolizes a session.

One pivotal component in this architecture is the “APIM Gateway”. The basic connectivity with most data sources hinges on OAuth authentication – a standard used for Single Sign-On (SSO). This essentially eliminates the necessity to repeatedly input username/password for each request to a data source.

For illustration, if an app utilizes the Gmail connector, it will authenticate using Google’s identity provider. Following this, Google provides a cryptographically secure token that is utilized to authenticate subsequent requests made to Google services. This token is stored by the “APIM Gateway” in a designated token store and oversees the renewal of any tokens that have expired.

The primary function of the “APIM Gateway” is to invoke the Restful API endpoint to conduct operations or retrieve data. It also manages the task of sending return records back to the client app.


In essence, Power Apps ensures a secure connection process by employing modern authentication standards and mechanisms, like OAuth for SSO. This guarantees that connection credentials are securely stored in the cloud. For those seeking a more detailed explanation or visual insights, it is suggested to refer to relevant video resources or, for a comprehensive understanding, to reach out to industry professionals. If you require further assistance or have technical queries, please contact us and we’ll be happy to assist you.

About The Author