Enable Identity Providers for Power Apps Portal Authentication | PL-400 Exam Guide | Microsoft

Correct Answers: B, D and F

By default, anybody can use the Power Apps portal as an unauthenticated user.

If users want to register at the portal, there are two methods: Local authentication - creates a local identity with a username and password stored in a Dataverse database internally.

External authentication - uses credentials of the third-party identity providers.

Power Apps portal divides external providers by the authentication protocol:

Portal administrators can enable/disable Identity providers and set them as default on the portal's Authentication Settings panel.

On the same panel, we can add or modify a provider.

For each authenticated user, a portal creates a contact record in the Dataverse database.

It also assigns a web role.

The role defines a user's access to portal resources.

All other options are incorrect.

For more information about Power Apps portal authentication, please visit the below URLs:

To set up authentication for the Power Apps portal based only on the OAuth2 protocol, you need to enable the identity providers that support this protocol. OAuth2 is an open-standard authorization framework used for accessing resources on the internet, which is supported by many identity providers. Here is the detailed explanation of each of the identity providers listed in the answer choices:

A. Local sign-in: This identity provider allows users to create an account and sign in using their email address and password. It does not support OAuth2 protocol, so it should not be enabled for the Power Apps portal in this scenario.

B. Twitter: This identity provider allows users to sign in using their Twitter account. While Twitter supports OAuth2 protocol, it is not recommended to use it as the sole authentication method for a Power Apps portal, as not all users may have a Twitter account.

C. Azure AD: This identity provider is a Microsoft cloud-based directory and identity management service that supports OAuth2 protocol. It allows users to sign in using their work or school account, or a Microsoft account. This is a recommended identity provider to enable for the Power Apps portal.

D. Microsoft: This identity provider allows users to sign in using their Microsoft account, which supports OAuth2 protocol. This is a recommended identity provider to enable for the Power Apps portal.

E. Azure AD B2C: This identity provider is a cloud-based identity and access management service for consumers, which supports OAuth2 protocol. It allows users to sign in using their email address, social accounts, or other external identity providers. This is a recommended identity provider to enable for the Power Apps portal.

F. Google: This identity provider allows users to sign in using their Google account, which supports OAuth2 protocol. While Google is a popular identity provider, it is not recommended to use it as the sole authentication method for a Power Apps portal, as not all users may have a Google account.

In conclusion, the recommended identity providers to enable for the Power Apps portal based only on the OAuth2 protocol are Azure AD, Microsoft, and Azure AD B2C.