Manage custom certificates
When extending portals functionality using a client-side API call with OAuth 2.0 implicit grant flow, it's best practice to use custom certificates to provide an additional level of security. You can upload you own custom certificates using the Power Apps portals admin center.
Add new certificate
Open the Power Apps portals admin center.
Select Manage custom certificates. The authentication key is displayed along with its expiration date and thumbprint.
Select Add new to upload a new certificate.
Select the upload button underneath File to select a .pfx certificate file. After selecting the file, enter the password for your SSL certificate in the Password field.
Select OK to upload the certificate.
Note
The SSL certificate must meet all of the following requirements:
- Signed by a trusted certificate authority
- Exported as a password-protected PFX file.
- Contains private key at least 2048 bits long
- Contains all intermediate certificates in the certificate chain
- Must be SHA2 enabled; SHA1 support is being removed from popular browsers
- PFX file must be encrypted with TripleDES encryption; Power Apps portals doesn't support AES-256 encryption
- Contains an Extended Key Usage for server authentication (OID = 1.3.6.1.5.5.7.3.1).
The steps to export SSL certificate as a password-protected PFX file may vary depending on your certificate provider. Check with your certificate provider for recommendation. For example, certain providers may suggest using an OpenSSL third-party tool from OpenSSL or OpenSSL Binaries sites.
Configure site settings
Go to portal settings and select Site Settings.
To create a new setting, select New.
To edit an existing setting, select the site setting listed in the grid.
Specify values
- Name:
CustomCertificates/ImplicitGrantflow - Website: The associated website
- Value: Copy the thumbprint of the uploaded custom certificate from the Manage custom certificate screen and paste here. The value will indicate which certificate will get used for implicit grant flow.
- Name:
Select Save & Close.