Microsoft Power Platform · Dataverse Security Roles

Website Owner

Power Pages (formerly Power Apps Portals) website administration role. Manages a Power Pages site including pages, content, web roles, and authentication settings.

Scope: Single Power Pages website (one website = one set of pages)

Permissions

  • Website settings - Configure Power Pages site settings, branding, and themes
  • Content - Manage web pages, web files, content snippets, and site markers
  • Web roles - Create and manage Power Pages web roles (portal-side authorisation)
  • Authentication - Configure identity providers (Microsoft Entra, Google, Facebook, custom OIDC/SAML)
  • Web templates - Manage Liquid templates and web templates
  • Tables - Access Dataverse tables used by the portal

Common use cases

  • Power Pages site administrator
  • Webmaster managing customer-facing portal
  • Configuring B2C authentication for a Power Pages site

Best practices

  • Pair with Website App Owner for Power Pages app-level access (legacy split)
  • Use security groups for website ownership
  • Document each website's purpose, audience, and authentication model

Security considerations

  • Can change site authentication settings, including identity providers and OIDC configurations
  • Can grant Power Pages web roles which gate portal-side data access

Common questions

When should I assign the Website Owner role?

Assign Website Owner when you need to: Power Pages site administrator; Webmaster managing customer-facing portal; and Configuring B2C authentication for a Power Pages site. It is part of Microsoft Power Platform and should be granted as a least-privilege alternative to broader roles like Global Administrator.

What can someone with the Website Owner role do?

The Website Owner role grants permissions including: Website settings - Configure Power Pages site settings, branding, and themes; Content - Manage web pages, web files, content snippets, and site markers; Web roles - Create and manage Power Pages web roles (portal-side authorisation); Authentication - Configure identity providers (Microsoft Entra, Google, Facebook, custom OIDC/SAML); Web templates - Manage Liquid templates and web templates; and Tables - Access Dataverse tables used by the portal. See the Permissions section above for the full list.

What are the security risks of the Website Owner role?

Key considerations when assigning Website Owner: Can change site authentication settings, including identity providers and OIDC configurations; and Can grant Power Pages web roles which gate portal-side data access. Review the Security considerations section before assignment, and pair with Privileged Identity Management (PIM) for just-in-time access where possible.

Official Microsoft Learn documentation →

Open the interactive RBACMap →