Microsoft Power Platform · Dataverse Security Roles
Website Owner
Power Pages (formerly Power Apps Portals) website administration role. Manages a Power Pages site including pages, content, web roles, and authentication settings.
Scope: Single Power Pages website (one website = one set of pages)
Permissions
- Website settings - Configure Power Pages site settings, branding, and themes
- Content - Manage web pages, web files, content snippets, and site markers
- Web roles - Create and manage Power Pages web roles (portal-side authorisation)
- Authentication - Configure identity providers (Microsoft Entra, Google, Facebook, custom OIDC/SAML)
- Web templates - Manage Liquid templates and web templates
- Tables - Access Dataverse tables used by the portal
Common use cases
- Power Pages site administrator
- Webmaster managing customer-facing portal
- Configuring B2C authentication for a Power Pages site
Best practices
- Pair with Website App Owner for Power Pages app-level access (legacy split)
- Use security groups for website ownership
- Document each website's purpose, audience, and authentication model
Security considerations
- Can change site authentication settings, including identity providers and OIDC configurations
- Can grant Power Pages web roles which gate portal-side data access