{"id":2011,"date":"2024-09-30T10:13:23","date_gmt":"2024-09-30T17:13:23","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/identity\/?p=2011"},"modified":"2024-10-02T04:43:15","modified_gmt":"2024-10-02T11:43:15","slug":"external-id-and-power-pages","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/identity\/external-id-and-power-pages\/","title":{"rendered":"Introducing seamless authentication with Power Pages and Microsoft Entra External ID"},"content":{"rendered":"<p>Today we announce the public preview of Microsoft Entra External ID as an identity provider for Microsoft Power Pages\u2014simplifying authentication for your external-facing apps so that you can focus on building features.<\/p>\n<p>A lot of time can be spent on development when building a website, especially when it comes to figuring out how to authenticate users. Power Pages enables you to get a website up and running within a few minutes, while External ID offers a wide range of resources to secure external identities with extensive customization capabilities. Offering out-of-the-box authentication, External ID enables you to save significant time and effort, allowing you to focus on the rest of the application.<\/p>\n<p>Advantages of using External ID include:<\/p>\n<ul>\n<li><strong>Enhanced security:<\/strong> Businesses can ensure secure access for their users, protecting sensitive information and reducing the risk of unauthorized access. <\/li>\n<li><strong>Improved user experience:<\/strong> A streamlined authentication process reduces complexity for users, providing a smoother and more intuitive experience. <\/li>\n<li><strong>Scalability:<\/strong> The ability to handle large numbers of users and various identity providers makes this integration ideal for businesses of all sizes. <\/li>\n<\/ul>\n<p>In this blog post, I show you how to set up and run External ID with a Power Pages demo website.<\/p>\n<h2>Prerequisites<\/h2>\n<ol>\n<li>An external tenant on <a href=\"https:\/\/entra.microsoft.com\/#home\">Microsoft Entra Admin Center<\/a>. \n<ul>\n<li>If you don\u2019t have one, you can create one using our\u202f<a href=\"https:\/\/aka.ms\/ciam\/freetrial-info\">30-day free trial<\/a>\u202for\u202f<a href=\"https:\/\/aka.ms\/ExternalIDConsumerApps\">create an external tenant<\/a>\u202fwith an Azure subscription. <\/li>\n<\/ul>\n<\/li>\n<li>Ensure you have the <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/role-based-access-control\/permissions-reference#application-administrator\">Application Administrator<\/a> role and <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/role-based-access-control\/permissions-reference#external-id-user-flow-administrator\">External ID User Flow Administrator<\/a> role on Microsoft Entra. <\/li>\n<li>A <a href=\"https:\/\/learn.microsoft.com\/en-us\/power-pages\/getting-started\/create-manage\">Power Pages<\/a> environment or sign up for a <a href=\"https:\/\/learn.microsoft.com\/en-us\/power-pages\/getting-started\/trial-signup\">30-day free Power Pages trial<\/a>. You\u2019ll need either a <a href=\"https:\/\/learn.microsoft.com\/en-us\/power-pages\/admin\/admin-roles#read-write-access-mode\">system administrator or a read-write user account<\/a>. <\/li>\n<li>A demo site with a sign-up process (you can use the starter layout 1 template from the list of Power Pages templates, which is the one used here). <\/li>\n<\/ol>\n<h2>Set up External ID on your website<\/h2>\n<p align=\"center\">\n  <iframe width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/zQlmwG6P3b8?si=eKiMON34c0R9lktc\" allowfullscreen><\/iframe>\n<\/p>\n<ol>\n<li>Log in to Power Pages and click <strong>Edit<\/strong> on the site where you want to configure an External ID provider. \n<ul>\n<li>Click on <strong>Security<\/strong>, then click <strong>Configure<\/strong> beside Microsoft Entra External ID. <\/li>\n<li>A guided wizard will pop up prompting you to enter configuration details. <\/li>\n<\/ul>\n<\/li>\n<li>Select your provider. \n<ul>\n<li>Select &#8216;Microsoft Entra External ID&#8217; as your log in provider. <\/li>\n<li>The provider\u2019s name is the label that will appear on the sign-in button. It can be something simple like \u2018Microsoft Entra External ID\u2019 or \u2018Log in with External ID\u2019. <\/li>\n<li>Click <strong>Next<\/strong>. <\/li>\n<\/ul>\n<\/li>\n<li>Register your application in the Microsoft Entra Admin Center. \n<ul>\n<li>Go to the Microsoft Entra Admin Center. <\/li>\n<li>Click on <strong>App registrations<\/strong> > <strong>New registration<\/strong>. <\/li>\n<li>Enter a name for your app. For example, \u2018power-pages-app\u2019. Select &#8216;Web&#8217; as your platform and copy the reply URL from Power Pages and paste it in the redirect URL field in the Microsoft Entra Admin Center.<\/li>\n<li>Click <strong>Register<\/strong>.<\/li>\n<li>On the power-pages-app <strong>Authentication<\/strong> tab, select &#8216;Access tokens&#8217; and &#8216;ID tokens&#8217; and click <strong>Save<\/strong>.<\/li>\n<li>On the <strong>API permissions<\/strong> tab, grant &#8216;admin&#8217; consent. <\/li>\n<\/ul>\n<\/li>\n<li>Create a user flow. \n<ul>\n<li>Navigate to <strong>External Identities<\/strong> > <strong>User flows<\/strong>.<\/li>\n<li>Click create <strong>New user flow<\/strong>.<\/li>\n<li>Give the user flow a name, e.g. \u2018Power-pages-user-flow\u2019 and select &#8217;email with password&#8217;. Click <strong>Create<\/strong>. <\/li>\n<\/ul>\n<\/li>\n<li>Link application to the user flow. \n<ul>\n<li>On the user flow you just created (power-pages-user-flow), click <strong>Applications<\/strong> > <strong>Add application<\/strong>. Select your application, in this case it is \u2018power-pages-app\u2019, and click <strong>Select<\/strong>. <\/li>\n<\/ul>\n<\/li>\n<li>Configure site settings. \n<ul>\n<li>Go to <strong>Applications<\/strong> > <strong>App registrations<\/strong> > <strong>All applications<\/strong> and select \u2018power-pages-app\u2019.<\/li>\n<li>Copy and paste the &#8216;Client ID&#8217; into Power Pages.<\/li>\n<li>Click on <strong>Endpoints<\/strong> and copy the authority URL and OpenID connect metadata document and paste it into your site settings and click <strong>Next<\/strong>.<\/li>\n<\/ul>\n<\/li>\n<li>Optional settings and review. \n<ul>\n<li>You can leave optional settings and review and click <strong>Close<\/strong>. <\/li>\n<\/ul>\n<\/li>\n<li>Make changes visible to your site. \n<ul>\n<li>Go to Power Platform admin center. <\/li>\n<li>Under <strong>Site Actions<\/strong>, click on <strong>Restart site<\/strong>. A confirmation dialog box will appear. Click <strong>Restart<\/strong>. It will take a few minutes to complete and for the changes to be reflected on your site.<\/li>\n<li>Open your site URL and head over to the sign- in page. The button you configured in step 2, \u2018Microsoft Entra External ID\u2019, will now be visible. Click on it.<\/li>\n<li>Sign up a new user with the sign-up flow.<\/li>\n<li>At the end of the user flow, you will be directed to complete the registration on the website. Enter the same email address and click <strong>Register<\/strong>.<\/li>\n<li>Finally, if you have a profile page, you can enter relevant user details, such as first and last name and click <strong>Update<\/strong>. <\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>Congratulations! You will now have signed up your first user with External ID on Power Pages.<\/p>\n<h2>Let\u2019s recap<\/h2>\n<p>You have now successfully set up and signed up your first user to your website.<\/p>\n<p>In this blog post, you have learned how to:<\/p>\n<ul>\n<li>create an application and a user flow. <\/li>\n<li>link the application to your user flow. <\/li>\n<li>configure the Client ID, authority URL, and metadata address on Power Pages. <\/li>\n<li>sign up and sign in an External ID user with email and password on your website. <\/li>\n<\/ul>\n<h2>Stay connected<\/h2>\n<p>To learn more or test out features in the Microsoft Entra portfolio, visit our\u202f<a href=\"https:\/\/aka.ms\/dev\/external-id\">developer center<\/a>. Make sure you subscribe to the\u202f<a href=\"https:\/\/aka.ms\/devblog\/external-id\">Identity developer blog<\/a>\u202ffor more insights and to keep up with the latest on all things Identity. And, follow us on\u202f<a href=\"https:\/\/www.youtube.com\/@MicrosoftSecurity\/playlists\">YouTube<\/a>\u202ffor video overviews, tutorials, and deep dives.<\/p>\n<p>Join our <a href=\"https:\/\/ux.microsoft.com\/Panel\/MicrosoftEntraExternalID?utm_campaign=ExternalID&amp;utm_source=AppService&amp;utm_medium=Blog\">research panel<\/a> to receive occasional invites to participate in future customer research!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Announcing the public preview of Microsoft Entra External ID as an identity provider for Microsoft Power Pages, streamlining authentication for your external-facing apps. With Power Pages, you can launch a website in minutes, and External ID provides robust tools to secure external identities, with extensive customization options available.<\/p>\n","protected":false},"author":165107,"featured_media":493,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[32,33],"tags":[38,44,16,47,50],"class_list":["post-2011","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-product-updates","tag-authentication","tag-authorization","tag-entra","tag-external-id","tag-identity"],"acf":[],"blog_post_summary":"<p>Announcing the public preview of Microsoft Entra External ID as an identity provider for Microsoft Power Pages, streamlining authentication for your external-facing apps. With Power Pages, you can launch a website in minutes, and External ID provides robust tools to secure external identities, with extensive customization options available.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/posts\/2011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/users\/165107"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/comments?post=2011"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/posts\/2011\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/media\/493"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/media?parent=2011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/categories?post=2011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/identity\/wp-json\/wp\/v2\/tags?post=2011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}