Protecting Power Apps and Power Pages from security threats such as viruses and other attacks in file uploads, and other attacks can be achieved with no code changes using Cloudmersive Reverse Proxy Server.

Basic Setup

• Navigate to the Cloudmersive Management Portal and click on Private Cloud Deployment

• Click on the relevant node and click on Configure Node

• Click on Add Site to define a new site

• Add an API key to your site by clicking on Add API Key

• Click on Add Target Server and enter the URL for your Power Apps or Power Pages application, e.g. https://myapp.powerappsportals.com

• Add any relevant logging policies that you wish to have

• Click on Add Transform Policy and select Transform Redirect. Once added, configure this policy and set Match Path (Substring) to myapp.powerappsportals.com/en-US/SignIn?. Be sure to update myapp as appropriate. Set New Path (Substring Replace) to your domain, such as myapp.cloudmersiveproxy.io/en-US/SignIn?

• Click on Add Transform Policy and select Transform Redirect. Once added, configure this policy and set Match Path (Substring) to myapp.powerappsportals.com. Be sure to update myapp as appropriate. Set New Path (Substring Replace) to your domain, such as myapp.cloudmersiveproxy.io

• Click on Add Transform Policy and select Response Content Replace. Set Target Content to Match to myapp.powerappsportals.com. Set Replacement Content to myapp.cloudmersiveproxy.io

If you are using a custom domain, replace myapp.cloudmersiveproxy.io with mycustomdomain.com.

Adding Support for Single-Sign On (SSO)

If you are using Single-Sign On, such as Azure Active Directory, or Azure Active Directory B2C Login, then for your Enterprise Application be sure to set your redirect_uri to the appropriate Redirect URL for your application, e.g. https://myapp.cloudmersiveproxy.io/signin-yoursigninnamehere