Showing results for 
Search instead for 
Did you mean: 
Regular Visitor

Should internal users NOT use the Portal forms the customers use?

In Power Pages, we are offering Multistep Forms to customers. I was planning to incorporate the response forms (approve, reject, etc. etc.) for our employees right there in the Power Pages forms. Everything secured with Web Roles, and employees logging in with their existing Azure AD accounts. My colleague says this is a bad approach, for security reasons, and that we must develop a Model-Driven Powerapp for the employees to approve/reject submissions, etc.


The sample Power Pages sites, such as the Building Permit Application sample, all use the Portal pages approach -- portal forms for both employees and customers. Am I missing something? Do we really need to build separate new PowerApps for our employees?


Thanks for any help you can offer! 

Solution Sage
Solution Sage

The choice is yours as long as the users are appropriately licenced.  The Security Model that is applied via Web Roles is different to the Security Roles in Dataverse and as such you may need to be more careful and also implement additional logic so you are capturing the user who is making changes etc as part of the transactions (e..g you when you look at the Audit history you know who made the changes, as the create/update user will show as SYSTEM).

Helpful resources

Carousel Community Blog

Check out the Community Blog

Read all about the most recent blogs in the community!

Community Call Conversations

Introducing the Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Carousel News & Announcements

What's New in the Community?

Check out the latest News & Events in the community!

Top Solution Authors
Users online (6,054)