Follow my blog for more interesting topics on Dynamics 365, Portals and Power Platform. For training and consulting, write to us at email@example.com
PowerApps portals are highly configurable stuffs. And most of the configurations related to authentication can be achieved using Site Setting.
The hard part is there are so many site settings that is very difficult to get hold of all of them. But nonetheless they are quite powerful and you can accomplish some nice cool requirements through them.
And one such requirement is the ability to set Password restrictions during self registration in PowerApps Portals.
Below is a typical user registration page in PowerApps portal
In the password field, you can type anything and register. But more often than not, you would like to set a password policy like
- Uppercase letters (A-Z)
- Lowercase letters (a-z)
- Numeric (0-9)
- Nonalphanumeric characters (example:!,$,#,@,%,*)
You might be thinking Gosh! Don’t ask me to write some complex scripts here. Fortunately you are saved for the day. Because Portal has got your back.
All you need to do is create the below site
Authentication/UserManager/PasswordValidator/EnforcePasswordPolicy and set the value as true.
It’s better you search for this setting first before you create it as it may already be there in your environment.
Refresh your portal cache and browse your portal one more time. The authentication related settings sometimes need a portal restart to take effect. So if clearing portal cache does not reflect the changes, you may need to restart your portal. Next time someone try to register which does not comply with the password policy, you will get an error like the one in below screenshot.
Now here is a bit of disappointment. If you observe the message carefully, it says the password must comply with three of the four clauses. What it means is if I set password value as “abcd” it will throw an error. But if I set the value as “abcd@1” then it will allow the password. Because it satisfies three clause – lowercase, digit and non-alphanumeric, even though the Upper case condition fails.
The setting also works when the user tries to change the password as well.
Hope this helps!