What Security Model Makes Sense for Your Portal?

by | Updated August 1, 2020 | Dynamics CRM

Security models for portals

Dynamics 365 Portals has seen some great improvements and is rapidly becoming a cornerstone for a majority of Dynamics 365 Customer Engagement implementations. Portals are used to set up an interactive web-based sales, services, support, and social engagement application platform to connect with the customers, engage communities, manage site content, and empower your channel partners. Once you have identified the general scope of what your portal will be, you will want to start to design the security model that protects it.

Dynamics 365 portals include capabilities to secure access to different parts of the portal content based on the target audience and relationship to the content. Portal security governs both visibility and management of specific content such as individual pages or the entire sections of a side. Keep in mind that portal security is different than Dynamics 365 CE security and they are not interchangeable.

Depending on the purpose of your portal, visitors can play different roles. Below is a list of different roles.

Portal Visitor Roles

Anonymous

Some visitors browse the portal site to get more information about your company and its services and do not sign in.

Community Members, Customers, Partners, Employees

These site visitors are your target audience, either internal or external. They use the portal to access protected information or interact with the portal.

Content Managers

They publish and manage the site content. It is common for them to have a license to access Dynamics 365.

Administrators

They keep the portal up and running, and are responsible for all aspects of the portal. They often work together with the Content Managers and typically have a Dynamics 365 license.

When a visitor signs in, it is always associated with a contact. Dynamics 365 Portals uses a number of entities to define authorization, that is, what a user is allowed to do. The authorization process covers access to pages, website authoring, content publishing, blogs, forms, ideas, knowledge articles, and Dynamics 365/Common Data Service data.

Create Web Roles

After a contact has been configured to use the portal, it must be given one or more web roles to perform special actions or access content on the portal. For example, to access a restricted page, the contact must be assigned to a role to which read for that page is restricted. To publish new content, the contact must be placed in a role that is given content publishing permissions.

To define permissions, a web role can be associated with the following records:

  • Website Access Permissions
  • Web Page Access Control Rules
  • Publishing State Transition Rules
  • Ideas, Blogs, Forums Permissions
  • Entity Permissions

Role Assignment

Contacts

A portal contact can be assigned one more web role at a time.

Accounts

An account can be assigned one or more web role. All contacts under that account will inherit the role assigned.

Invitations

These can be associated with a parent account and a set of web roles. When a contact accepts that invitation, they will be assigned the account and web roles.

Web Roles also include Anonymous Users Role and Authenticated Users Role which allows you to apply permissions and access rules to all portal users based on whether they access the site anonymously or if they are signed in. Contacts do not have to have the Authenticated User Role assigned.

Now that we have covered the concept of web roles, let us see how they can be used to shape permissions for the portal.

Control Webpage Access for Portal

Web page access control rules are records that you create for your portal to control both the publishing actions that web role can perform across the pages of your website and to control which pages are visible by web roles. When you create a web page access control rule, you need to specify the Web Page and the Right. Once you have created a new access control rule, you can associate it with one or more web roles.

There are two types of access control rule: Grant Change and Restrict Read

Grant Change

Grant Change allows a user in a web role associated with the rule to publish content changes for this page and all child pages of this page. Grant Change takes precedence over restrict read.

For example, you might have a News section on the site, which you want to be editable by users in the News Editor web role. These users might not have access to the entire sit, and certainly cannot edit the entire site, but within this branch, they have full content publishing authority.

Restrict Read

Restrict Read is used to limit viewing of a page and its child pages. It is a restrictive rule that restricts the action to a limited set of users.

For example, you might have a section of the site meant to be used by employees only. You can restrict read access of this branch to only people in the Employee web role.

Website Access

Website Access Permissions is a permission set, associated with a web role, that permits front-side editing of the various content managed elements within the portal other than just web pages. Once the grant change right is applied to a page, users in associated web roles will be able to edit the page and set properties. These website access permissions are defined on a per-site basis. It is not possible to enable and disable these permissions selectively for an individual page where the grand change right applies.

We have covered the fundamentals of Dynamics 365 Portals security. Portal features provide out-of-the-box flexibility that allows you to build robust, versatile portals where security can be configured to satisfy even the most complex business requirements when it comes to the content. Subscribe to our blog to learn more about Dynamics 365 Portals along with other technology and Dynamics information.

Related Posts

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Upcoming Events

may

05may2:00 pm2:30 pmSimplifying Item Pricing, Availability, and Tracing for Batch Manufacturers

06may11:00 am12:00 pmConfab with Stoneridge - New Features to Empower Your Remote Workforce

12may10:00 am10:30 amThe Modern Manufacturer: Manufacturing Software in the Real World

12may12:00 pm12:30 pmFinancial Implications of Moving from Dynamics GP to Dynamics 365: Licensing and Infrastructure

17may(may 17)8:00 am28(may 28)11:00 amDynamics 365 Finance & Supply Chain Development Training - Online Workshop

19mayAll Day20Manufacturing and Microsoft Technology Conference

19may9:00 am10:00 amWhat is Your Global Manufacturing Strategy? Is It Time to Reshore?

19may10:30 am11:30 amFour Keys to Choosing the Best ERP or CRM Solution

19may10:30 am11:30 amGetting and Keeping Customers in 2021 and Beyond

19may10:30 am11:30 amMastering the Production Floor

19may12:00 pm1:00 pmImagining the Possibilities with Dynamics 365 for Manufacturing

19may12:00 pm1:00 pmBeyond Reporting - What BI Can Do For Your Manufacturing Operation

19may1:30 pm2:30 pmSmart Field Service for Manufacturers and Distributors

19may1:30 pm2:30 pmV is for Victory - The Elements of a Successful MRP Implementation Rollout

19may3:00 pm4:00 pmLot Management Strategies and Best Practices

19may3:00 pm4:00 pmSelling Through a Complex Channel - Distributor Management

20may10:00 am11:00 amManufacturing Technology in 2021 - The Impact of Digital Transformation

20may12:00 pm1:00 pmThe Power of a Connected Shipping Solution

20may12:00 pm1:00 pmEmployee Experience with Company ERP Implementations and Recommendations to Increase Employee Satisfaction

20may1:30 pm2:30 pmReporting and Business Intelligence Strategies for Today's CFO

20may1:30 pm2:30 pmSelecting and Implementing ERP: Don’t Leave it to Chance

20may3:00 pm4:00 pmCybersecurity Tips for Manufacturers – How to Protect Yourself From Ransomware & Other Vulnerabilities

20may3:00 pm4:00 pmEnsuring Quality for Batch Manufacturers

20may3:00 pm4:00 pmGuaranteeing ERP Project Success with an Enterprise Process Review

26may10:00 am10:30 amFinancial Implications of Moving from Dynamics GP to Dynamics 365: Services

26may10:00 am10:30 amThe Modern Manufacturer - Enterprise Asset Management

june

01jun8:00 am02(jun 2)11:00 amPower BI for Dynamics 365 - Online Workshop

02jun2:00 pm2:30 pmBusiness Intelligence for Batch Manufacturers

09jun10:00 am10:30 amThe Modern Manufacturer - Machine Maintenance Work Orders

23jun10:00 am10:30 amThe Modern Manufacturer: Cost Accounting in D365

About Stoneridge
Stoneridge Software is a unique Microsoft Gold Partner, with emphasis on partner. With specialties in Microsoft Dynamics 365, Microsoft Dynamics AX, Microsoft Dynamics NAV, Microsoft Dynamics GP and Microsoft Dynamics CRM, we focus on attracting the most knowledgeable experts in the field to our team, and prioritize delivering stellar solutions with maximum impact for your business. At Stoneridge, we are deeply committed to your results. Each engagement is met with a dedicated team, ready to provide thorough, tailored, and expert service. Based in Minnesota, we intentionally “step into your shoes,” wherever you are. We focus on what you care about, and develop trusting, long-term relationships with our clients.

Subscribe To Our Blog

Sign up to get periodic updates on the latest posts.

Thank you for subscribing!

X