Identify differences in Portal Behavior in Power Apps Portals

  1. Home
  2. Identify differences in Portal Behavior in Power Apps Portals

In Power Apps portals, every authenticated portal user is linked with a contact record in Microsoft Dataverse. Moreover, portal users must be assigned to web roles for gaining permissions beyond unauthenticated users. You must also define a web role’s webpage access and website access control rules in order to configure permissions. Additionally, Power App Portals allows portal users to sign in with an external account of their choice using ASP.NET Identity.

ProviderProtocolDocumentation
Azure Active Directory (Azure AD)OpenID ConnectAzure AD with OpenID Connect
Azure ADSAML 2.0Azure AD with SAML 2.0
Azure ADWS-FederationAzure AD with WS-Federation
Azure AD B2COpenID ConnectAzure AD B2C with OpenID Connect
Azure AD B2C with OpenID Connect (manual configuration)
Azure Directory Federation Services (AD FS)SAML 2.0AD FS with SAML 2.0
AD FSWS-FederationAD FS with WS-Federation
MicrosoftOAuth 2.0Microsoft
LinkedInOAuth 2.0LinkedIn
FacebookOAuth 2.0Facebook
GoogleOAuth 2.0Google
TwitterOAuth 2.0Twitter
Local authentication
(not recommended)
Not applicableLocal authentication
Source: Microsoft

Features of Open Registration

  • Firstly, open registration is the least restrictive sign-up configuration, such that the portal permits a user account to be registered by providing a user identity.
  • Secondly, configurations require users to provide an invitation code or valid email address to register with the portal.
  • Thirdly, the registration configuration, both local and external accounts participate equally in the registration workflow.
  • Next, during sign-up, the users have the option of selecting an external identity from a list of identity providers for creating a local account
  • Then, if an external identity is selected, the user is required to sign in through the chosen identity provider to prove that they own the external account.
  • Lastly, whether in external or local identity provider situations, the user is immediately registered and authenticated with the portal.

Note – As the open registration enables, users do not have to provide an invitation code to complete the sign-up process.

Local authentication, registration, and other settings

The authentication capability in the portals feature is based on the ASP.NET Identity API. The OWIN framework, which is also an important component of the authentication system, is developed on top of ASP.NET Identity. Among the services offered are:

  • Local (username/password) user sign-in
  • External (social provider) user sign-in through third-party identity providers
  • Two-factor authentication with email
  • Email address confirmation
  • Password recovery
  • Invitation code sign-up for registering prepopulated contact records
Requirements

Portals require:

  • Portals Base
  • Microsoft Identity
  • Microsoft Identity Workflows solution packages
Authentication overview

Returning portal visitors can log in using their local user credentials or accounts with external identity providers. A new visitor can create a user account by giving a username and password or by using an external source to sign in. Visitors who have received an invitation code from the portal administrator can use it to create a new user account.

Forgot password or password reset

Returning visitors who need to reset their password (who have previously supplied an email address in their user profile) can request that a password reset token to be sent to their email account. The owner of a reset token can pick a new password. The token can also be discarded, preserving the user’s original password.

Redeem an invitation

By redeeming an invitation code, a registered visitor can be linked to an existing contact record that was created particularly for that visitor ahead of time. The invitation codes are often sent out by email, but you may also send them out via a generic code submission form. After submitting a valid invitation code, the new user account can create via the standard user registration (sign-up) process.

For more details visit: Local authentication, registration, and other settings, authentication in Power Apps portals

Microsoft Exam PL-900 Free Practice Test
Menu