When developing and testing PowerApps Portals (now known as Power Pages), simulating different user roles is critical. Power Pages often serve a diverse audience—anonymous users, authenticated users, administrators, or users with specific web roles. Validating user permissions, visibility, and access control requires replicating how these roles function within a secure and accurate test environment.
This guide explains how to simulate user roles step by step, ensuring your portal behaves as expected for each type of user.
1. What Are Web Roles in PowerApps Portals?
Web roles in Power Pages define what a user can see or do. They map portal users (contacts) to access levels within the portal, such as:
- Authenticated Users (logged in)
- Administrators
- Case Managers
- Vendors or Partners
- Custom roles with specific permissions
Each web role can be associated with:
- Page permissions
- Entity permissions
- Web file access
- Web forms and entity lists
2. Why Simulate User Roles in Testing?
Testing with different roles ensures:
- Security: Unintended data isn’t exposed to unauthorized users
- User experience: Each user sees the correct interface
- Functionality: Actions like submitting forms or accessing entity lists are role-restricted
- Compliance: You meet organizational or legal data access requirements
3. Test Environment Setup
Prerequisites:
- A Dataverse environment with a configured Power Pages site
- A copy of production data (scrubbed for PII) or seeded test data
- A minimum of three test users, each with unique roles:
- Admin
- Authenticated User
- Custom Role (e.g., Vendor)
4. Step-by-Step: Simulating User Roles
Step 1: Create or Identify Test Users
Create test contact records in Dataverse (if not already present) and associate them with Azure AD B2C, local authentication, or external identities.
Example contacts:
Admin TesterVendor TesterAnonymous User(for public access)
Step 2: Create/Assign Web Roles
Go to Portal Management App → Web Roles:
- Create new roles if needed:
VendorCase ManagerPortal Admin
- Enable the “Authenticated Users Only” checkbox if it’s a secured role
- Assign appropriate entity permissions and page access
Associate users by adding them to the Contact > Web Roles subgrid.
Step 3: Configure Entity Permissions (Optional but Recommended)
To restrict access to data:
- Go to Entity Permissions in Portal Management
- Select entity (e.g.,
Case,Work Order) - Define Access Type:
- Global
- Contact (own records)
- Account (linked to contact’s account)
- Add CRUD permissions
- Link this permission to a web role
This ensures only users with the proper web role can see, create, or update records.
Step 4: Prepare Test Scenarios
Document expected behaviors for each role:
| Role | Should See | Should Do |
|---|---|---|
| Anonymous | Homepage, Public pages | Cannot access profile or forms |
| Vendor | Vendor dashboard, own records | Submit requests |
| Admin | All pages, all records | Manage users, edit settings |
Step 5: Sign In As Each User
You can simulate sign-ins in multiple ways:
- Manual Login: Use credentials for each test user to manually sign in via the portal UI
- Playwright/Test Framework: Automate login flows in UI testing tools
- Portal Preview Mode (Maker Studio): Preview as anonymous or signed-in user (limited simulation)
- Browser Profiles: Use Chrome/Edge profiles to stay logged in as different users
Step 6: Validate Role-Based Access
Test the following per user:
- Page access
- Visibility of buttons/forms
- Data access in entity lists or views
- Restricted actions (e.g., update/delete)
Use F12 DevTools and Network tab to inspect calls and check if the user is restricted at both UI and data levels.
Step 7: Automate Role-Based Tests (Optional)
Using tools like Playwright, you can simulate different logins:
test('Vendor user should not access Admin dashboard', async ({ page }) => {
await loginAsVendor(page); // use a helper function
await page.goto('https://yourportal.com/admin-dashboard');
await expect(page.locator('.access-denied')).toBeVisible();
});
8. Best Practices
- Avoid using real user credentials in tests
- Isolate test environments from production
- Regularly sync role settings between environments
- Use test data for forms and entity submissions
- Log audit info when debugging access issues (e.g., user ID and role on load)
9. Common Pitfalls and Solutions
| Issue | Fix |
|---|---|
| User sees “Access Denied” | Check page/web role permissions |
| Role doesn’t apply | Confirm Contact > Web Role mapping |
| Authenticated user sees no data | Check entity permission record access |
| User bypasses restrictions | Secure both UI and entity permissions |