In Dynamics 365, role based security permissions control what type of records each user can access. For portal users, a web role is needed to gain access permissions and different roles can be configured to enable varying access levels to portal pages. Local authentication is the most common process using a contact record for authentication. However, for custom authentication, developers can use the ASP.Net Identity API to create custom login pages. In these instances, account credentials and password management is handled by a third-party identity provider. This includes Windows ID, Google and Facebook.