When you click 'Sign in with Microsoft' on a Power Pages site, what actually happens? This guide breaks it down with simple analogies and clear visuals.
Complete deep dive into OAuth 2.0, OpenID Connect, SAML 2.0, Single Sign-On, Social Identity Providers, and Session Security in Microsoft Power Pages.
What is Authentication?
Authentication answers the question: "Who are you?"
It's the process of verifying a user's identity before granting access to your portal. Think of it as the bouncer at a club checking IDs before letting people in.
Authentication
"Who are you?" - Verifying identity
- Login with username/password
- Multi-factor authentication
- Social login (Google, Microsoft)
Authorization
"What can you do?" - Granting permissions
- Web roles
- Table permissions
- Page access rules
OAuth 2.0: The Foundation
OAuth 2.0 is the industry-standard protocol for authorization. It allows users to grant limited access to their resources without sharing credentials.
Key Concept
OAuth 2.0 is about authorization (what you can access), not authentication (who you are). OpenID Connect adds the authentication layer on top.
OpenID Connect (OIDC)
OpenID Connect is an identity layer built on top of OAuth 2.0. It adds the ability to verify user identity and obtain basic profile information.
OIDC in Power Pages
- Microsoft Entra ID - For internal users
- Entra External ID - For external customers
- Social Providers - Google, Facebook, etc.
SAML 2.0: Enterprise SSO
SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication data between parties. It's commonly used in enterprise environments.
When to use SAML?
Use SAML when integrating with enterprise identity providers like ADFS, Okta, or Ping Identity that prefer SAML over OIDC.