Seamless authentication on Power Pages with Microsoft Entra External ID (Public Preview)

Developing a website can be time-consuming, particularly when it comes to figuring out how to authenticate users. Power Pages streamlines this process, allowing you to launch a website in just minutes. With External ID, you gain access to a comprehensive suite of resources for securing external identities, complete with extensive customization options. Integrating External ID on Power Pages simplifies authentication for your website so that you can focus on the rest of the application.

Advantages of using External ID include:

• Enhanced security: Businesses can ensure secure access for their users, protecting sensitive information and reducing the risk of unauthorized access.
• Improved user experience: A streamlined authentication process reduces complexity for users, providing a smoother and more intuitive experience.
• Scalability: The ability to handle large numbers of users and various identity providers makes this integration ideal for businesses of all sizes.

In this blog post, I will guide you through the setup of External ID on a Power Pages demo website.

Prerequisites

1. An external tenant on Microsoft Entra Admin Center.

• If you don’t have one, you can create one using our 30-day free trial or create an external tenant with an Azure subscription.

2. Ensure you have the application administrator role and External ID User Flow Administrator role on Microsoft Entra.
3. A Power Pages environment or sign up for a . You’ll need either a system administrator or a read-write user account.
4. A demo site with a sign-up process (you can use Starter layout 1, 2 or 3 templates from the list of Power Pages templates. These templates have login functionality. In this demo, we use Starter layout 1).

Set up External ID on your website

1. Log in to Power Pages and click Edit on the site where you want to configure an External ID provider.

• • Click on Security, then click on Identity providers under Manage then Configure beside Microsoft Entra External ID.

• • A guided wizard will pop up prompting you to enter configuration details.

2. Select your provider.

• • Select Microsoft Entra External ID as your log in provider.
  • The provider’s name is the label that will appear on the sign-in button. It can be something simple like ‘Microsoft Entra External ID’ or ‘Log in with External ID’.
  • Click Next.

3. Register your application in the Microsoft Entra admin center.

• • Go to the Microsoft Entra admin center.
  • Under Applications on the left, click on App registrations then New registration.

• • Enter a name for your app. For example, ‘power-pages-app’.
  • Under Redirect URI, Select Web as your platform and copy the Reply URL from Power Pages and paste it in the redirect URL field in the Microsoft Entra Admin Center.
  • Click Register.
  • On the power-pages-app Authentication tab, under the Implicit grant and hybrid flows section, select Access tokens and ID tokens and click Save.
  • On the API permissions tab, grant admin consent.

4. Create a user flow. The user flow is login experience

• • Navigate to External Identities > User flows.
  • Click create New user flow.
  • Give the user flow a name, e.g. ‘Power-pages-user-flow’ and under Identity providers, select email with password. Click Create.

5. Link application to the user flow.

• • On the user flow you just created (power-pages-user-flow), click Applications > Add application.

• • Select your application, in this case it is ‘power-pages-app’, and click Select.

6. Go back to Power Pages and click the Next button to Configure site settings. We need to provide the client ID and Authority URL. These are available on the Microsoft Entra admin center.

• • In the Microsoft Entra admin center, go to Applications > App registrations > All applications and select ‘power-pages-app’.

• • Copy and paste the Application (client) ID into the Power Pages fields.
  • Click on Endpoints and copy the authority URL and OpenID connect metadata document and paste it into your site settings and click Next.

7. Optional settings and review.

• • You can leave optional settings and review and click Confirm then Close.

8. Make changes visible to your site.

• • Go to Power Platform admin center by navigating to the site and clicking the dots next to Preview. Then select Admin center.

• • Under Site Actions, click on Restart site. A confirmation dialog box will appear. Click Restart. It will take a few minutes to complete and for the changes to be reflected on your site.

• • Open your site URL and head over to the sign-in page. The button you configured in step 2, ‘Microsoft Entra External ID’, will now be visible. Click on it.
  • Sign up a new user with the sign-up flow.
  • At the end of the user flow, you will be directed to complete the registration on the website. Enter the same email address and click Register.
  • Finally, if you have a profile page, you can enter relevant user details, such as first and last name and click Update.

Congratulations! You will now have signed up your first user with External ID on Power Pages.

Let’s recap

In this blog post, you have learned how to:

• Create an application and a user flow.
• Link the application to your user flow.
• Configure the Client ID, authority URL, and metadata address on Power Pages.
• Sign up and sign in an External ID user with email and password on your website.

Next steps

To learn more or test out features in the Microsoft Entra portfolio, visit our developer center. Make sure you subscribe to the Identity blog for more insights and to keep up with the latest on all things Identity. And, follow us on YouTube for video overviews, tutorials, and deep dives.