I am attempting to allow both internal and external users access to a Power Pages site. I understand there are two ways to go about this:
The first option does work, with a contact being created when users sign in with their Microsoft account. But this is not suitable for this site, as it should not be publically available.
I have tried the second option, by adding rows to the Contact table within Power Pages and using the New Contact form within Portal Management, but it just results in the user being kicked back to the login page upon signing in. No error message is displayed.
When adding users to the Contact table, I have ensured that all required fields are completed. I've also added the necessary entry to the External Identity table.
The Microsoft identity provider is enabled, which is configured with the appropriate Client ID / Client Secret from the sites Azure App Registration. Additional settings are at their defaults, except for 'Registration enabled' and 'Contact mapping with email', which are both enabled.
Within Portal Management, 'Authentication/Registration/Enabled' and 'Authentication/Registration/ExternalLoginEnabled' are both True.
Within Azure, in the Authentication section of the app registration, 'Supported account types' is set to 'Accounts in any organizational directory'.
I have also tried this on a default Power Pages site and the issue is present there as well.
Is there some other way of manually adding users to a site? Or have I just missed a step when adding users to the Contact table?
When manually creating the External Identity records, on the Contact record the Security Stamp must be populated with a guid (any guid, but must be a guid), Login Enabled set to Yes (checkbox ticked), I can't remember if Username is also required or not (if so for Azure AD its default is the GUID in the External Identity)
And of course after making any such changes you need to clear the portal cache or wait 15mins for the data to be available to the portal.
What you can also try, is with a user that logs in successfully, edit the External Identity record with the guid of another external user, clear the portal cache and see if you can login with the other user (should login as the Contact the External Identity guid is on).
The portal user is not logged in, as this issue prevents them from doing so.
I am populating these fields on the Contact record:
Contact, Owner, and Status are automatically populated.
I have also tried:
but none of these make any difference.
@jl2 wrote:
I have tried the second option, by adding rows to the Contact table within Power Pages and using the New Contact form within Portal Management, but it just results in the user being kicked back to the login page upon signing in. No error message is displayed.
Is the Portal User logged in to the Portal, does their user name appear in the top right or does it still say Sign-in?
@jl2 wrote:
When adding users to the Contact table, I have ensured that all required fields are completed. I've also added the necessary entry to the External Identity table.
As it appears you are attempting to manually create the External Identity record in Dataverse - exactly which fields have you populated on the Contact record and with what values?