Tip #1407: How to secure Power Apps portal from making the news

Screenshot from Portal 2 game by Valve. Screenshot contains two robots from the in-game promotion video on cooperation.

You are a CEO of Rykita, a worldwide manufacturer of power tools used by millions. You wake up invigorated and ready for action only to see the news headlines “Rykita injures more than a thousand customers”, “Calls for Rykita to blunt their tools”, “Rykita customers bleed profusely”, “Users of Rykita tools risk infection if injured”, […]

Tip #1260: Use App Access Roles

Role play and theater masks

If you use any of the new Microsoft solutions/apps for Field Service, Customer Service, PSA, or marketing, you will notice some new roles appear in your security role list that contain the works “app access.” We’ve discussed all of the reasons that model-driven apps may not work correctly for users. The most common reason is […]

Tip #1207: Check applied entity permissions in portals

Liquid is a great templating language adding flexibility to your Dynamics 365 Portal templates. However, as any abstraction, it hides some of the things happening under the hood, including some security filtering. Consider this fragment running on authenticated page: And… the count is 2 while expected to be the total number of contacts in this […]