Many organizations use Power Apps Portals to fulfil business needs for clients, vendors, employees or other business groups. Read more about the Power Apps portals.
Therefore, having a brandable domain is essential for easy access, and Power Apps Portal custom domains help in branding those portals. Read more about how to add a custom domain name.
PowerPlatforms portal when created has to have an address provided by Microsoft. The address has a unique subdomain of powerappsportals.com.
In the example below, the subdomain is “dynamicsupdate” is checked to be unique and can be used. the domain given by Microsoft will be dynamicsupdate.powerappsportals.com.
Again, a domain such as “dynamicsupdate.powerappsportals.com” might not be accepted from the business perspective and pointing to a custom domain is highly needed.
Power Apps Portal custom domains Prerequisites
To set Power Apps Portal custom domains, an SSL certificate is needed and to configure this certificate the portal has to be in a production state.
Trial and production environments
The first prerequisite to configure Power Apps Portal custom domains is to work with production environments only. From the Power Apps portal admin center, The trial and nonproduction environments lack the SSL controls below
- Set up custom domains and SSL
- Manage SSL Certificates
Controls to configure domains and SSL is not avaliable.
Controls to configure domains and SSL is avaliable.
Optaining an SSL certificate to the domain or subdomain is needed, and this SSL can be obtained from differnt sources, either paid or free sources. I will not cover how to obtain the SSL cetificate in this post.
Set up custom domains and SSL
In this action, we will be able to add and point the new Power Apps Portal custom domains to the portal and after this will be able to activate the SSL to be able to access the portal securely using HTTPS.
Security role required
Only a Global Administrator or an owner of the Azure Active Directory application linked to this portal will be able to set up the portal hostname or the SSL binding.
Hostname Assigned to Portal
To set up custom domains is required to be set a CNAME record pointing to the subdomain.powerappsportals.com.
In our case, creating a CNAME record in godaddy.com DNS, where the domain is hosted, pointing to the “dynamicsupdate.powerappsportals.com” domain given by Microsoft.
Manage Custom Domains
After adding the CNAME record to the domain DNS and allowing some time for the DNS to propagate, and from the Power Apps portal admin center, click add new.
Once the CNAME is added and propagated, the domain will be ticked and the CNAME is available to connect.
Now, the new domain will be resolved to point to the portal but still will be missing the SSL.
Manage SSL Certificates
From the Power Apps portal admin center, and from Manage SSL certifacate, upload a certificate.
The certificate data type has to be pfx and if the certificate provider doesn’t generate pfx, then the certificate has to be converted into this format to be able to loaded and used.
A PFX file is a password-protected certificate archive that contains the certificate in addition to the matching private key. There are many csr to pfx converters. Google result for csr to pfx converters.
Finaly to add the pfx file, include the pfx password.
PFX file specifications
- Must be SHA2 enabled
- Encrypted with TripleDES encryption
After uploading the pfx file, and back from set up custom domains and SSL, Add SSL Binding.
Power Apps Portal custom domains should be accessable by now using HTTPS.
There a number of different types of SSL. Some of the SSLs can be obtained for free, examples of free SSL providers are as below.
- Let’s Encrypt – https://letsencrypt.org/
- Zero SSL – https://zerossl.com/
Paid SSLs are prefered by many organizatios and can be obtained from many sources.
- Azure – read more on how to create an SSL certificate for Power Apps Portal custom domains
- Godaddy – read more on how getting SSL from Godaddy
One custom domains only
Power Apps Portal custom domains cant be more than one per domain. The custom domain can be change by performing the process using the new domain or sub domain.
Is there a way to automate renewal of a LetsEncrypt certificate so that it does not require a manual task every month for each portal?
Yes, you can but using a third-party service to renew the SSL certificate.