Power Pages Power Pages
Level-500-Referenz zu Power Pages, Table Permissions, Web Roles, Authentifizierung, Liquid, Web API, PWA, CDN, VS-Code-basierter Entwicklung und Betriebsgovernance. Level 500 reference for Power Pages, table permissions, web roles, authentication, Liquid, Web API, PWA, CDN, VS Code-based development, and operational governance.
Liquid
Liquid
Templating und Personalisierung
Templating and personalization
CRUD
CRUD
Table Permissions pro Scope
Table permissions per scope
PWA
PWA
Offline- und Installationsmuster
Offline and install patterns
Web API
Web API
JavaScript-nahe Datennutzung
JavaScript-centric data usage
đĄ Power Pages ist Website, Datensicherheitsmodell und ALM zugleich
đĄ Power Pages is a website, a data security model, and an ALM surface
Ein sicheres Portal entsteht nur, wenn Table Permissions, Web Roles, Authentifizierungsprovider, Caching, Liquid-Templates und Site Settings gemeinsam verstanden werden. A secure portal exists only when table permissions, web roles, authentication providers, caching, Liquid templates, and site settings are understood together.
Design Studio
Design studio
Pages, forms, components Pages, forms, components
Security und Auth
Security and auth
Table permissions, web roles, providers Table permissions, web roles, providers
Liquid und Custom Code
Liquid and custom code
Templates, filters, Web API Templates, filters, Web API
Admin, PWA, SEO
Admin, PWA, SEO
Operations, accessibility, languages Operations, accessibility, languages
Power Pages Ăberblick, Design Studio und Templates Power Pages overview, design studio, and templates
Power Pages ist die Nachfolgeplattform der frĂŒheren Power Apps Portals. Das Produkt liefert Website-Hosting, Dataverse-gestĂŒtzte Datenzugriffe, Low-Code-Seitenkomposition und ein rollenbasiertes Sicherheitsmodell fĂŒr externe oder interne Nutzer. Power Pages is the successor to the earlier Power Apps Portals platform. It delivers website hosting, Dataverse-backed data access, low-code page composition, and a role-based security model for external or internal users.
| Baustein Building block | Beschreibung Description | Typische Nutzung Typical usage | Hinweis Note |
|---|---|---|---|
| Design Studio Design studio | Low-Code-OberflĂ€che fĂŒr Seiten, Datenkomponenten und Styling Low-code surface for pages, data components, and styling | Schneller Portalaufbau Rapid portal creation | FĂŒr strukturelle Ănderungen mit ALM-Prozess koppeln Tie structural changes to an ALM process |
| Pages Workspace Pages workspace | Seitennavigation, Metadaten und URL-Struktur Page navigation, metadata, and URL structure | Informationsarchitektur Information architecture | Friendly URLs und SEO frĂŒh planen Plan friendly URLs and SEO early |
| Styling Workspace Styling workspace | Theme, Farben und Markenanpassung Theme, colors, and branding | Corporate Identity Corporate identity | Custom CSS sauber versionieren Version custom CSS cleanly |
| Data Workspace Data workspace | Formulare, Listen und Dataverse-Komponenten Forms, lists, and Dataverse components | Self-service-Datenportale Self-service data portals | Table Permissions vor Go-Live validieren Validate table permissions before go-live |
| Starter Template Starter template | Vorkonfigurierte Website mit Szenariofokus Preconfigured website with scenario focus | Customer self-service, scheduling Customer self-service, scheduling | Template erleichtert Start, ersetzt aber kein Zieldesign Template helps you start, but does not replace target design |
| Blank Site Blank site | Leere Website fĂŒr individuelle IA Empty site for custom IA | Streng governte Corporate Portale Tightly governed corporate portals | Höherer Designaufwand, sauberere Zielarchitektur Higher design effort, cleaner target architecture |
| Multistep Form Multistep form | Wizard-artige Datenerfassung Wizard-like data capture | AntrÀge, Registrierungen, Onboarding Requests, registrations, onboarding | Serverseitige Validierung und Teilfortschritt bedenken Consider server-side validation and partial progress |
| List Component List component | Dataverse-Liste mit Filter, Sortierung und Aktionen Dataverse list with filtering, sorting, and actions | Case- oder Request-Listen Case or request lists | Performance und Paging mit Datenmenge testen Test performance and paging with data volume |
| Form Component Form component | Dataverse-Formulare fĂŒr Erstellen oder Bearbeiten Dataverse forms for create or edit | Profilpflege, Ticketanlage Profile maintenance, ticket creation | Feldsichtbarkeit gegen Sicherheit nie verwechseln Never confuse field visibility with security |
| Template-Typ Template type | StÀrken Strengths | Wann nutzen When to use | Risiko Risk |
|---|---|---|---|
| Customer Self-Service Customer self-service | Cases, Knowledge, Auth-Patterns vorbereitet Cases, knowledge, auth patterns prebuilt | Service- oder Supportportale Service or support portals | Entity-Modell an FachdomÀne anpassen Adapt the entity model to the domain |
| Schedule and Book Schedule and book | Kalender- und Terminmuster Calendar and booking patterns | Termine, Besuche, Reservierungen Appointments, visits, reservations | Zeitlogik und VerfĂŒgbarkeit extern testen Test time logic and availability externally |
| Blank Blank | Maximale Freiheit Maximum freedom | Corporate Design oder komplexe IA Corporate design or complex IA | Mehr initiale Build-Zeit More initial build time |
| Partner / Account Portal Partner / account portal | Beziehungs- und Rollenmodell schnell nutzbar Relationship and role model quickly usable | B2B-Zusammenarbeit B2B collaboration | Account- und Contact-Scope sauber modellieren Model account and contact scope cleanly |
Table Permissions, Web Roles und Authentifizierung Table permissions, web roles, and authentication
| Permission Scope Permission scope | Bedeutung Meaning | Geeignet fĂŒr Suitable for | Hinweis Note |
|---|---|---|---|
| Global Global | Jeder berechtigte Benutzer sieht alle Zeilen Each permitted user sees all rows | Ăffentliche Kataloge oder Stammdaten Public catalogs or master data | Nur fĂŒr wirklich unkritische DatensĂ€tze Only for truly non-sensitive records |
| Contact Contact | Nur DatensÀtze mit Beziehung zum Kontakt Only records related to the contact | Mein Profil, meine Cases My profile, my cases | Kontaktbeziehung muss konsistent gepflegt sein The contact relationship must be maintained consistently |
| Account Account | Datensicht auf Kontoebene Record visibility at account level | Partner- oder Kundenkonten Partner or customer accounts | Kontakt-zu-Account-Mitgliedschaft entscheidend Contact-to-account membership is critical |
| Parent Parent | Vererbt Zugriff ĂŒber Elternbeziehung Inherits access through parent relationship | Angebote zu Kundenkonto Quotes related to a customer account | Mehrstufige Beziehungsketten testen Test multi-step relationship chains |
| Self Self | Nur eigener Datensatz Only own record | Profilpflege oder Einmalobjekte Profile maintenance or personal objects | Ideal fĂŒr Self-Service-Daten Ideal for self-service data |
| Web Role Web role | Typische Rechte Typical rights | Zuweisung Assignment | Hinweis Note |
|---|---|---|---|
| Anonymous Users Anonymous users | Ăffentliche Seiten und Inhalte Public pages and content | Systemrolle ohne Anmeldung System role without sign-in | Keine Datensicht ohne explizite Table Permissions No data access without explicit table permissions |
| Authenticated Users Authenticated users | Basiszugriff nach Anmeldung Base access after sign-in | Automatisch nach Login Automatically after sign-in | Mit zusÀtzlichen Rollen kombinieren Combine with extra roles |
| Customer Customer | Eigene Cases, Profile, Dokumente Own cases, profiles, documents | Kontakt- oder Account-Relation Contact or account relation | B2C/B2B-Szenarien sorgfÀltig trennen Separate B2C/B2B scenarios carefully |
| Partner Admin Partner admin | Erweiterter Zugriff auf Account-gebundene DatensÀtze Extended access to account-bound records | Manuell oder automatisiert Manual or automated | Least Privilege mit klaren Eskalationswegen Use least privilege with clear escalation paths |
| Portal Content Editor Portal content editor | Inhaltsbearbeitung statt Datenzugriff Content editing rather than data access | Internes Redaktionsteam Internal editorial team | Trennung zwischen Web Content und Dataverse-Rechten Separate web content and Dataverse rights |
| Authentifizierungsanbieter Authentication provider | Einsatz Use case | StÀrken Strengths | Hinweis Note |
|---|---|---|---|
| Local Authentication Local authentication | Portal-eigene Benutzerkonten Portal-native user accounts | Einfach fĂŒr isolierte Szenarien Simple for isolated scenarios | Passwortpolitik und Lifecycle selbst verantworten Own password policy and lifecycle |
| Microsoft Entra ID Microsoft Entra ID | Mitarbeiter, Partner oder B2B Employees, partners, or B2B | SSO, MFA, Conditional Access SSO, MFA, conditional access | Empfohlen fĂŒr Unternehmensszenarien Recommended for enterprise scenarios |
| Azure AD B2C Azure AD B2C | B2C/CIAM-Àhnliche Portale B2C/CIAM-style portals | Social und lokale IdentitÀten kombinierbar Can combine social and local identities | Roadmap zu Entra External ID beachten Observe roadmap toward Entra External ID |
| Google Google | Verbraucherorientierte Anmeldung Consumer-oriented sign-in | Hohe Benutzerakzeptanz High user adoption | Datenschutz- und Branding-PrĂŒfung nötig Privacy and branding review required |
| Facebook Facebook | Consumer Communities Consumer communities | Einfacher Social Login Simple social login | Connector- und PlattformÀnderungen beobachten Monitor provider and platform changes |
| LinkedIn LinkedIn | Berufsorientierte Communities Professional communities | Passender Kontext fĂŒr Partnernetzwerke Good context for partner networks | API-BeschrĂ€nkungen vorab prĂŒfen Review API restrictions upfront |
| Apple Apple | Mobile und Consumer Apps Mobile and consumer apps | Starker Datenschutz-Fokus Strong privacy focus | Spezielle Claims und App-Registrierung erforderlich Requires specific claims and app registration |
| Microsoft Account Microsoft account | Verbraucher mit Microsoft-IdentitÀt Consumers with Microsoft identity | Vertraute Anmeldung Familiar sign-in | Von Entra-ID-Szenarien getrennt betrachten Treat separately from Entra ID scenarios |
Liquid, Web Templates, JavaScript und Web API Liquid, web templates, JavaScript, and Web API
| Liquid-Objekt oder Filter Liquid object or filter | Nutzen Usage | Beispiel Example | Hinweis Note |
|---|---|---|---|
| page page | Aktuelle Seite und Metadaten Current page and metadata | {{ page.title }} {{ page.title }} | Hilfreich fĂŒr Breadcrumbs und Head-Tags Useful for breadcrumbs and head tags |
| request request | HTTP-Kontext HTTP context | {{ request.url }} {{ request.url }} | Nur bewusst fĂŒr Routing oder Logging nutzen Use deliberately for routing or logging only |
| params params | Querystring-Werte Query string values | {{ params.id }} {{ params.id }} | Immer validieren und nicht blind rendern Always validate and never render blindly |
| user user | Angemeldeter Kontakt Signed-in contact | {{ user.fullname }} {{ user.fullname }} | Mit Web Roles und Contact-Rechten kombinieren Combine with web roles and contact rights |
| entities entities | Dataverse-Zugriff aus Templates Dataverse access from templates | {% assign account = entities.accounts[request.params.id] %} {% assign account = entities.accounts[request.params.id] %} | Performance und Berechtigungen testen Test performance and permissions |
| fetchxml fetchxml | FetchXML-Abfrage im Template FetchXML query inside a template | {% fetchxml cases %} ... {% endfetchxml %} {% fetchxml cases %} ... {% endfetchxml %} | FĂŒr gröĂere Datenmengen sparsam einsetzen Use sparingly on large data sets |
| date filter date filter | Formatiert Datumswerte Formats date values | {{ user.createdon | date: 'yyyy-MM-dd' }} {{ user.createdon | date: 'yyyy-MM-dd' }} | Locale-Anforderungen definieren Define locale requirements |
| escape escape | HTML-Escaping HTML escaping | {{ params.q | escape }} {{ params.q | escape }} | Pflicht bei unsicheren Eingaben Mandatory for untrusted input |
| default default | Fallback bei null oder leer Fallback when null or empty | {{ user.firstname | default: 'Guest' }} {{ user.firstname | default: 'Guest' }} | Erhöht Robustheit in Templates Improves template robustness |
| where where | Filtert Collections Filters collections | {{ entities.contacts | where: 'statecode', 0 }} {{ entities.contacts | where: 'statecode', 0 }} | Nicht mit serverseitiger Sicherheit verwechseln Do not confuse with server-side security |
Liquid
Liquid
{% assign current_account = user.parentcustomerid %}
{% fetchxml open_cases %}
<fetch top="10">
<entity name="incident">
<attribute name="title" />
<attribute name="ticketnumber" />
<filter>
<condition attribute="customerid" operator="eq" value="{{ current_account.id }}" />
<condition attribute="statecode" operator="eq" value="0" />
</filter>
</entity>
</fetch>
{% endfetchxml %}
<ul>
{% for case in open_cases.results.entities %}
<li>{{ case.ticketnumber | escape }} - {{ case.title | escape }}</li>
{% endfor %}
</ul>
JavaScript
JavaScript
async function loadCases() {
const response = await webapi.safeAjax({
type: "GET",
url: "/_api/incidents?$select=title,ticketnumber&$top=5",
contentType: "application/json"
});
const data = await response.json();
return data.value;
}
Admin Center, PWA, CDN, Custom Code, SEO und Accessibility Admin center, PWA, CDN, custom code, SEO, and accessibility
| Betriebsthema Operations topic | Was steuern What to control | Werkzeuge Tools | Hinweis Note |
|---|---|---|---|
| Site Visibility Site visibility | Ăffentlich oder privat, Wartungsmodus, DNS Public or private, maintenance mode, DNS | Power Platform admin center Power Platform admin center | Go-Live und Akzeptanztests trennen Separate go-live and acceptance testing |
| Site Checker Site checker | Konfiguration, Sicherheit und Laufzeithinweise Configuration, security, and runtime findings | Built-in diagnostics Built-in diagnostics | RegelmĂ€Ăig vor Releases ausfĂŒhren Run regularly before releases |
| Custom Domain & SSL Custom domain & SSL | Eigene URL und Zertifikate Custom URL and certificates | DNS, certificates, CDN DNS, certificates, CDN | Caching-Invalidation mit Kommunikationsplan verbinden Align cache invalidation with communications |
| PWA PWA | Installierbarkeit und Offline-Assets Installability and offline assets | Manifest, service worker settings Manifest, service worker settings | Nur realistische Offline-Szenarien freischalten Enable only realistic offline scenarios |
| Content Snippets Content snippets | Wiederverwendbarer Text Reusable text | Snippet management Snippet management | Mehrsprachigkeit hier sauber zentralisieren Centralize multilingual content here cleanly |
| Site Markers Site markers | Logische Ziele fĂŒr Navigation und Prozesse Logical targets for navigation and processes | Site markers Site markers | Hilfreich fĂŒr entkoppelte Templates Helpful for decoupled templates |
| SEO SEO | Meta-Tags, Canonical, Struktur, Performance Meta tags, canonical, structure, performance | Page metadata, sitemaps Page metadata, sitemaps | Friendly URLs und Schema-Markup optional ergÀnzen Optionally extend with friendly URLs and schema markup |
| Accessibility Accessibility | ARIA, Kontrast, Tastatur, Alt-Texte ARIA, contrast, keyboard, alt text | Built-in checks, manual review Built-in checks, manual review | WCAG-PrĂŒfung in den Release-Prozess aufnehmen Include WCAG review in the release process |
| VS Code Extension VS Code extension | Dateibasierte Entwicklung und Source Control File-based development and source control | Power Platform CLI + VS Code Power Platform CLI + VS Code | FĂŒr gröĂere Teams klar bevorzugen Clearly prefer for larger teams |
CLI
CLI
pac auth create --url https://org.crm4.dynamics.com
pac paportal download --path .\portal-src --webSiteId 11111111-2222-3333-4444-555555555555
pac paportal upload --path .\portal-src --deploymentProfile prod