diff --git a/src/yunohost/app.py b/src/yunohost/app.py
index b3c36d059..ab290cb4d 100644
--- a/src/yunohost/app.py
+++ b/src/yunohost/app.py
@@ -406,10 +406,10 @@ def app_map(app=None, raw=False, user=None):
 
     """
     from yunohost.permission import user_permission_list
-    from yunohost.utils.ldap import _get_ldap_interface
 
     apps = []
     result = {}
+    permissions = user_permission_list(full=True)["permissions"]
 
     if app is not None:
         if not _is_installed(app):
@@ -429,12 +429,8 @@ def app_map(app=None, raw=False, user=None):
             continue
         if 'no_sso' in app_settings:  # I don't think we need to check for the value here
             continue
-        if user is not None:
-            ldap = _get_ldap_interface()
-            if not ldap.search(base='ou=permission,dc=yunohost,dc=org',
-                               filter='(&(objectclass=permissionYnh)(cn=%s.main)(inheritPermission=uid=%s,ou=users,dc=yunohost,dc=org))' % (app_id, user),
-                               attrs=['cn']):
-                continue
+        if user and user not in permissions[app_id + ".main"]["corresponding_users"]:
+            continue
 
         domain = app_settings['domain']
         path = app_settings['path']
diff --git a/src/yunohost/tests/test_permission.py b/src/yunohost/tests/test_permission.py
index 8db1ae825..94728505d 100644
--- a/src/yunohost/tests/test_permission.py
+++ b/src/yunohost/tests/test_permission.py
@@ -1,6 +1,6 @@
 import pytest
 
-from yunohost.app import app_install, app_remove, app_change_url, app_list
+from yunohost.app import app_install, app_remove, app_change_url, app_list, app_map
 
 from yunohost.user import user_list, user_info, user_create, user_delete, user_update, \
                           user_group_list, user_group_create, user_group_delete, user_group_update, user_group_info
@@ -331,7 +331,7 @@ def test_permission_remove_url_not_added():
 # Application interaction
 #
 
-def test_install_app():
+def test_permission_app_install():
     app_install("./tests/apps/permissions_app_ynh",
                 args="domain=%s&path=%s&admin=%s" % (maindomain, "/urlpermissionapp", "alice"), force=True)
 
@@ -352,7 +352,14 @@ def test_install_app():
     assert res['permissions_app.dev']['allowed'] == []
     assert set(res['permissions_app.dev']['corresponding_users']) == set()
 
-def test_remove_app():
+    # Check that we get the right stuff in app_map, which is used to generate the ssowatconf
+    assert maindomain + "/urlpermissionapp" in app_map(user="alice").keys()
+    user_permission_update("permissions_app.main", remove="all_users", add="bob")
+    assert maindomain + "/urlpermissionapp" not in app_map(user="alice").keys()
+    assert maindomain + "/urlpermissionapp" in app_map(user="bob").keys()
+
+
+def test_permission_app_remove():
     app_install("./tests/apps/permissions_app_ynh",
                 args="domain=%s&path=%s&admin=%s" % (maindomain, "/urlpermissionapp", "alice"), force=True)
     app_remove("permissions_app")
@@ -361,7 +368,7 @@ def test_remove_app():
     res = user_permission_list(full=True)['permissions']
     assert not any(p.startswith("permissions_app.") for p in res.keys())
 
-def test_change_url():
+def test_permission_app_change_url():
     app_install("./tests/apps/permissions_app_ynh",
                 args="domain=%s&path=%s&admin=%s" % (maindomain, "/urlpermissionapp", "alice"), force=True)