Power Pages for Dynamics 365 customer portals
Building customer-facing portals on top of Dataverse — Power Pages templates, authentication, security, and operational realities.
Microsoft Power Pages is the low-code platform for building secure, external-facing websites that read and write Dataverse. For Dynamics 365 customers, it's the standard way to deliver customer self-service portals, B2B partner extranets, public-sector citizen portals, event-registration sites, and supplier collaboration hubs.
The shape of a Power Pages site. A site has pages (content), web templates (Liquid-driven layout), forms (rendering Dataverse forms with controlled fields and permissions), lists (rendering Dataverse views), and web files (assets — images, scripts, stylesheets). Everything is configured through a maker portal with both visual designers and direct code editing.
Authentication. Power Pages supports multiple identity providers: Entra ID, Microsoft account, Google, Facebook, LinkedIn, Apple, and any OpenID Connect or SAML 2.0 provider. Local accounts (username/password stored in Dataverse) are also supported but discouraged. Anonymous browsing is allowed where the use case fits (public knowledge portals); behind a login is the more common pattern.
Identity to record mapping. Authenticated users map to Contact records in Dataverse — one portal user is one Contact. Self-registration and identity-provider sign-up flows create the Contact automatically; admin-driven invitations are also possible.
Web roles. Permissions inside Power Pages are governed by web roles assigned to Contacts. Each role grants access to pages, forms, lists, and Dataverse data through table permissions. The pattern is similar to Dynamics 365 security roles but scoped to portal users only; production CRM users don't get portal permissions through Dataverse roles.
Table permissions. Critical concept. Table permissions define what portal users can read, write, create, delete on specific Dataverse tables, scoped by relationship (e.g. "this Contact can read their Account's Cases", not "any Case"). Misconfigured table permissions are the most common Power Pages security mistake — too permissive grants data leaks; too restrictive blocks users from their own data.
Customer use cases. Most Dynamics 365 customers use Power Pages for at least one of:
- Case logging — customers create and track cases against Customer Service.
- Knowledge browsing — exposing the customer-facing slice of the knowledge base.
- Account self-service — customers update contact info, see invoices, pay online (with payment-processor integration).
- Partner portals — distributors and resellers access deal registration, pricing, and shared opportunities.
Limits. Power Pages is great at moderate-complexity portals. Highly visual marketing sites, e-commerce checkouts, and complex public-facing experiences often integrate Power Pages for the data-driven sections with a separate CMS or framework for the rest.
Operating cost. Per active user per month, with a separate anonymous-page-view tier. Capacity is bought in packs.
Related guides
- Power Pages Liquid templatingHow Liquid templates work in Power Pages — variables, tags, filters, rendering Dataverse data, and the design patterns for customer-facing portals.
- Power Pages security, in depthHow Power Pages secures external-facing portals — identity providers, web roles, table permissions, page permissions, and the audit and DLP that wraps them.
- Power Pages with Dataverse searchHow to make Power Pages portals searchable — enabling Dataverse search, scoping by table and security, indexing, and the patterns for portal-friendly search UX.
- Power Apps Portals history and rebranding to Power PagesFrom ADXStudio to Dynamics 365 Portals to Power Apps Portals to Power Pages — the product genealogy and what the rebranding means for customers.
- AI prompts in Power PlatformHow AI Builder and Copilot Studio promote prompts as a first-class artefact — prompt design, parameters, grounding, and the operational patterns that make AI prompts reliable in business apps.