From power-pages
Creates web roles for Power Pages code sites to control user access and permissions, including anonymous and authenticated roles. Generates YAML files with UUIDs, verifies structure, and preps for deployment.
npx claudepluginhub microsoft/power-platform-skills --plugin power-pagesThis skill is limited to using the following tools:
Create web roles for a Power Pages code site. Web roles define the permissions and access levels for different types of site users.
Sets up Microsoft Entra ID login/logout authentication and role-based authorization for Power Pages code sites. Creates framework-specific auth services, UI components, and access controls.
Configures Webflow enterprise RBAC with OAuth 2.0 scopes, role mappings, per-site tokens, workspace management, and audit logging for API integrations.
Automates Webflow CMS collections (create/update/list/delete items), site publishing, page management, asset uploads, and ecommerce orders via Composio's Rube MCP toolkit. Use for programmatic site management.
Share bugs, ideas, or general feedback.
Create web roles for a Power Pages code site. Web roles define the permissions and access levels for different types of site users.
${CLAUDE_PLUGIN_ROOT}/scripts/generate-uuid.js to produce valid UUID v4 values for each web role.anonymoususersrole: true and only one can have authenticatedusersrole: true. Always check existing roles before setting these flags.Prerequisite: The site must be deployed at least once before web roles can be created, since deployment creates the
.powerpages-sitefolder structure that stores web role definitions.
Initial request: $ARGUMENTS
.powerpages-site/web-roles/ directoryGoal: Confirm the .powerpages-site/web-roles/ directory exists and is ready for web role files
Actions:
Locate the project root (**/powerpages.config.json) and check for .powerpages-site/web-roles/.
If .powerpages-site does NOT exist: Ask the user to deploy first via AskUserQuestion (options: "Yes, deploy now (Recommended)", "No, I'll do it later"). If yes, invoke /deploy-site then resume from Phase 2. If no, stop.
If .powerpages-site exists but web-roles/ does NOT: Create it:
New-Item -ItemType Directory -Path "<PROJECT_ROOT>/.powerpages-site/web-roles" -Force
If both exist: Proceed to Phase 2.
Output: Confirmed .powerpages-site/web-roles/ directory exists and is ready
Goal: Identify all web roles already defined for the site
Actions:
Read all YAML files in the .powerpages-site/web-roles/ directory. Each file represents one web role with this format:
anonymoususersrole: false
authenticatedusersrole: false
id: 778fa3d0-a2ef-4d2b-98b8-e6c7d8ce1444
name: Administrators
Parse each file and compile a list of existing web roles (name, id, and flags).
Present the existing roles to the user:
"I found the following existing web roles in your site:"
- Administrators (id:
778fa3d0-..., authenticated: false, anonymous: false)- (etc.)
If no roles exist yet, inform the user:
"No web roles are currently defined for your site."
Output: Complete list of existing web roles with their names, IDs, and flags
Goal: Decide which new web roles to create based on site needs and user input
Actions:
Based on the site's purpose and the existing roles, suggest appropriate web roles. Use AskUserQuestion to confirm with the user.
Common web roles for Power Pages sites include:
authenticatedusersrole: true)anonymoususersrole: true)Ask the user which roles they want to create:
| Question | Options |
|---|---|
| Which web roles would you like to create for your site? You can select from suggestions or describe custom roles. | (Provide relevant suggestions based on site context, existing roles, and business domain) |
CRITICAL: Do NOT suggest roles that already exist. Filter out any existing role names before presenting options.
Allow the user to specify custom role names as well.
Output: Confirmed list of new web roles to create
Goal: Generate properly formatted YAML files with valid UUIDs for each new web role
Actions:
For each new web role the user approved, create a YAML file in .powerpages-site/web-roles/.
For each role, generate a UUID using the Node script. NEVER generate UUIDs yourself — always use the script.
node "${CLAUDE_PLUGIN_ROOT}/scripts/generate-uuid.js"
The filename should be the role name in kebab-case with a .yml extension (e.g., Administrators → administrators.yml, Content Editors → content-editors.yml).
Write the file with this exact format (4 fields, no extra whitespace or comments):
anonymoususersrole: <true if this is the anonymous users role, false otherwise>
authenticatedusersrole: <true if this is the authenticated users role, false otherwise>
id: <UUID from generate-uuid.js>
name: <Role Name>
Rules:
anonymoususersrole: trueauthenticatedusersrole: truetrue, do not set it again on a new roleOutput: All new web role YAML files created
Goal: Validate that all created web role files exist, have valid format, and constraints are satisfied
Actions:
List all files in .powerpages-site/web-roles/ and read each new file to confirm they were written correctly.
For each new web role file, verify:
id field contains a valid UUID v4 formatname field matches the expected role nameanonymoususersrole and authenticatedusersrole are valid booleansVerify uniqueness constraints across ALL role files (existing + new):
anonymoususersrole: trueauthenticatedusersrole: trueid values exist across rolesIf any file fails validation, fix the issue before proceeding.
Output: All web role files validated — correct format, valid UUIDs, no constraint violations
Goal: Present a summary of created roles and offer deployment
Actions:
Record skill usage:
Reference:
${CLAUDE_PLUGIN_ROOT}/references/skill-tracking-reference.md
Follow the skill tracking instructions in the reference to record this skill's usage. Use --skillName "CreateWebroles".
Present a summary of what was created:
"I've created the following new web roles:"
Role Name ID Anonymous Authenticated Content Editors a1b2c3d4-...false false (etc.)
Then ask the user if they want to deploy the site to apply the new roles:
| Question | Options |
|---|---|
| The new web roles have been created locally. To apply them in Power Pages, the site needs to be deployed. Would you like to deploy now? | Yes, deploy now (Recommended), No, I'll deploy later |
If "Yes, deploy now": Tell the user to invoke the deploy skill:
"Please run
/deploy-siteto deploy your site and apply the new web roles."
If "No, I'll deploy later": Acknowledge and remind them:
"No problem! Remember to deploy your site using
/deploy-sitewhen you're ready to apply the new web roles to your Power Pages environment."
Output: Summary presented and deployment offered
.powerpages-site is missingBefore starting Phase 1, create a task list with all phases using TaskCreate:
| Task subject | activeForm | Description |
|---|---|---|
| Verify site structure | Verifying site structure | Check for .powerpages-site/web-roles/ directory, create if needed |
| Discover existing roles | Discovering existing roles | Read current web role YAML files and compile list of existing roles |
| Determine new roles | Determining new roles | Analyze site needs and ask user which roles to create |
| Create web role files | Creating web role files | Generate YAML files with UUIDs from the Node script for each new role |
| Verify web roles | Verifying web roles | Validate all files exist, have valid UUIDs, and uniqueness constraints are satisfied |
| Review and deploy | Reviewing and deploying | Present summary of created roles and offer deployment |
Mark each task in_progress when starting it and completed when done via TaskUpdate. This gives the user visibility into progress and keeps the workflow deterministic.
Begin with Phase 1: Verify Site Structure