Power Apps: Contacts authenticating on your Portal

Why?

This is the third post in a series on Power Apps Portals.

What?

In my previous post https://knowhere365.space/power-apps-inviting-contacts-to-your-portal/ inviting Contacts was explained. In this part I will focus on the options available to let other (external) people authenticate on your portal. Authentication lets a person show your portal that they are who they say they are, letting us personalize their experience.

How?

Basically two options to let Contacts authenticate:
https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-portal-authentication

1. Local authentication
   Traditional User and Password managed within the Portal
2. External authentication
   Third party identity providers linking Contacts to that provider u

The main question in this phase:
how will anonymous visitors be able to authenticate within your portal?

Possible answers for our focus:

1. User & Password
   the most simple way is off course the User and Password methodology. To increase security you can even add Two-Factor Autentication (https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/set-authentication-identity#enable-two-factor-authentication).
2. Azure AD B2C provider
   https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/azure-ad-b2c 
   this method needs some Azure configuration to create an Azure Application that uses third party identity providers and be able to customize the user inerface experience. This Azure configuration can be used for more than only Power Apps Portals authentication.
3. OAuth2 provider
   https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-oauth2-settings
   this method incorporates a third party identity provider within your Power Apps Portal to handle the authentication. Providers like Microsoft, Twitter, Facebook, Google and LinkedIn are easy to setup using a Client ID and Client Secret that you can retrieve (often retrieved from a developer framework that the third party provides). Managing these options through the Site Settings entity of the Portal Management App.
4. OpenID provider
   https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-openid-settings
   this method extends the OAuth2 protocol with providing identity information (basic profile information for example) on top of the access tokens.

Option c. mentioned above being setup in this Youtube video of Pragmatic Works is very useful:

After using one of the authentication methods, users themselves can add extra authentication methods to their single Contact record:

Should you want to change authentication methods after going live, Power Apps Portals even provides a real nice migration path impacting the end users as less as possible: https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/migrate-identity-providers.

So with this third post you now have a working Power Apps Portal where people can logon to with secure authentication options. I will keep adding posts about Power Apps Portals in the future with real use cases 😎