Improve Power Pages security with site visibility control

We are excited to announce another layer of security for the Power Pages website by introducing site visibility feature with website version 9.4.9.xx

The Power Pages site visibility function enables makers to manage who has access to the website. Authorized makers can make the site private to restrict access to specific people in organization, or public so that anyone with the link has access.

All new sites created in Power Pages and Power Apps portals are Private by default. When a website is ready to go live, the site visibility can be changed to Public.

graphical user interface, website

The site visibility feature brings new capabilities for makers and administrators:

  • Sites are created in a private state, making them secure by default
  • Ability to share restricted site access for organization users for better collaboration during development
  • Makers are alerted before making edits are made to public site across Power Pages, Power Apps portals studio designer, Portal Management App, PAC CLI tool, visual studio code
  • Service admins govern who can make a site public using Power shell script and Power Platform Admin Center

Power Pages sites are private by default

When you create a new site in Power Pages home page it is private by default. The new website has restricted access over the internet and only the members with system administrator role preview the site. Maker receives notification of site visibility status on home page and across all the studio designers.

graphical user interface, website

Ability to grant website access

Site owners can grant website access to other users in the organization during the design phase at Set up workspace.

testing testing

Makers get awareness on editing public site

Editing the live site will have a negative impact on customers who are working on the website. When a maker opens a public site for editing, they are notified that edits will apply to the live site

graphical user interface, website

Administrative control of site visibility

When a new site is created, users with the system administrator role and service admins have default privileges to change site’s visibility status. Admins can grant or revoke this privilege for system administrators at tenant level by running a PowerShell script. Additionally, to provide granular control on who can change the site visibility status, admins can delegate the permissions to specific system administrators in certain Azure Directory security groups.

graphical user interface, website

As we continue to enhance Power Pages offerings, would love to hear your feedback.  For more information, visit the detailed documentation for site visibility.