Hi
I have an existing Portal and its set of users in Contacts.
I want to create another Portal with a different set of users on Contacts.
How do I differentiate between the users access as currently a registered user can access both Portals.
Scenario to achieve:
User A = can access Portal A. Cant access Portal B.
User B = cant access Portal A. Can access Portal B.
Solved! Go to Solution.
Hi there,
I have put together the following diagram as this tends to come up quite often. I have also included one of our MVP's post surrounding this. Ulrikke does a good job walking peopel through the practicality of setting up the access control rules so no need to reinvent the step by step wheel. Check out the following link here: https://ulrikke.akerbak.com/2020/10/18/use-web-page-access-control-rule-to-lock-portal-behind-authen...
At a high level, the contacts exist in the same database (environment). Any contact that is a registered user, even with external identities will be able to access and login to the other Power Pages Sites in that environment. To ameliorate this, For each site you need to create root page access control rules for each home page and set the content scope to all, so that all child webpages inherit the home page access control rule.
You would then create web roles in each portal and associate them to those access control rule for each power pages site. Once this is done, the portals are locked down and the pages can only be accessed by authenticated users who have the specific web roles associated to the access control rules.
I have also included an table relationship diagram (ERD) showing the 1:N, N:1 and N:N relationships between all this
Hi there,
I have put together the following diagram as this tends to come up quite often. I have also included one of our MVP's post surrounding this. Ulrikke does a good job walking peopel through the practicality of setting up the access control rules so no need to reinvent the step by step wheel. Check out the following link here: https://ulrikke.akerbak.com/2020/10/18/use-web-page-access-control-rule-to-lock-portal-behind-authen...
At a high level, the contacts exist in the same database (environment). Any contact that is a registered user, even with external identities will be able to access and login to the other Power Pages Sites in that environment. To ameliorate this, For each site you need to create root page access control rules for each home page and set the content scope to all, so that all child webpages inherit the home page access control rule.
You would then create web roles in each portal and associate them to those access control rule for each power pages site. Once this is done, the portals are locked down and the pages can only be accessed by authenticated users who have the specific web roles associated to the access control rules.
I have also included an table relationship diagram (ERD) showing the 1:N, N:1 and N:N relationships between all this
Be aware that each Portal has 3 default Web Roles of these 2 of them your Contacts inherit their permissions (they are not assigned to the Contact, but the contact has access to what the Privileges attached to those Web Roles give):
(these 2 roles are most likely why your Contacts have access to both portals)
You will probably want to edit these and uncheck the tick boxes https://docs.microsoft.com/en-us/power-apps/maker/portals/configure/create-web-roles
You may have to watch out for the 3rd one "Administrator" (but usually you don't) as the first User that signs in to the Portal via Active Directory will get associated to the default Contact record that has this Web Role assigned to it (when you fill in the Profile on the Portal the default Contact record gets updated).
@erzascarlet please let us know if above solutions solves your problem or you need any further help with this
Power Pages Super User | MVP
I've created 2 web roles, created 2 Web Page Access Controls Rules.
Still, one user can access both Portals.
Do each Contact need to be associated with a Web Role? Would this mean every new user who registers need to be added to the Web Role?
Im failing to see where exactly is the user/web role is connected to a portal.
Ive done this. No change. Please see my response below
Thanks for this. Ive looked at the blog and done the same but no change. Please see my response at the bottom of this thread
Have you double checked all Web Roles for the Tickboxes for Anonymous and Authenticated - a Web Role with these ticked does not need to be assigned the a Portal user will just inherit the permissions they give.