In Power Pages, controlling which records a logged in portal user (contact) can access is essential for secure and personalised experiences. This post describes how one contact record can be associated to multiple provider records (Figure 1) and vice versa. Meaning, the contact will only have access to the provider records that they has been associated to. This example will describe how a logged in portal user (contact) will be setup to only be able to access providers A & C. To achieve this, the following steps will be followed
- Create the N:N relationship table
- Populate the relationship table
- Define table permissions
- Confirm Contact level filtering
Walkthrough
Step 1: Create the N:N relationship table
Start by creating an N:N table between the Contact and Provider tables. This enables multiple contacts to be linked to multiple providers
Step 2: Populate the relationship table
Next, populate the relationship table with records that define which contacts should have access to which providers
Step 3: Define table permissions
To enforce access control, configure a table permission on the Provider Contact table with Access Type = Contact. This ensures the logged in portal user (contact) will only be able to view providers which they have been associated to
Create a child permission on the provider table permission (Figure 5) so that power pages knows which providers to display in the list (Figure 6)
Step 4: Confirm Contact level filtering
With table permissions in place, the logged in portal user (contact) e.g. Dustin will only see provider records they’re associated to.
Summary
By leveraging N:N relationships and contact-level table permissions, it’s possible to precisely control record visibility in Power Pages. This approach enhances data security while delivering tailored user experiences
References
https://learn.microsoft.com/en-us/power-pages/security/table-permissions