Author: Elizabeth Akinfiieva, Senior Power Platform Developer
In this article, I would like to share an easy case of security setup in the Power Apps Portal.
When you start creating a Portal you often need to display only relevant data for each user.
For example, users of the Portal are students in a school, who want to see their attendance and performance, but don’t want to share this information with others. So you open a webpage and see only your information.
First of all, we need to understand who are the users from the Power Apps side. There is a Contact table in dataverse that contains the name, email and other information of the user.
You can find it in the Portal Management application in your environment. In this table will be stored authenticated Portal users. Their emails for login are specified in the Email field.
On this form, you can also find Web Roles. These roles define users permissions in the Portal while interacting with web pages and records:
You may see another list of web roles for your contact.
Going back to the example, I have created a table Students with some decimal fields, like Attendance (%), Average Score, and a lookup field to Contact. This lookup field relates the Portal user and the student information.
The data can look smth like this:
And have added this list to the Portal Web Page:
For this table, we need to set up table permission. Navigate to Table Permissions. First will be Admin permission for the Student table.
Create a new record, select Student table from the list. Add all privileges you want to give to an administrator (for example, teacher):
In the Web Roles section add an Administrators role:
In the Contacts tab add contacts who should be admins:
Now create a Student Web Role to assign it to all students and give permission to only see related information:
Create a new Table Permission. Select Student as a Table and in the Access Type specify Contact. This setup is important as it will relate the authenticated user and the data in the Student table. Select Contact Access Type – the relationship between Student and Contact tables:
Add read privilege and Student web role:
Let’s now test the Portal. I have assigned myself an Administrator role. When I open the web page I can see all students:
Now I will remove the admin role and assign the Student role:
This will show me only my record in the Portal: