“In short, this change unlinks portal accounts from the built-in System user in Dataverse, and, even though the transition is supposed to be smooth, I figured I’d dig a little deeper, so here is what it looks like.”
There are 4 roles – 3 of them are mentioned in the post above:
Service reader is not assigned to the portal account, so I’m not sure what’s the purpose exactly. However, it does have readonly permisison on all the tables, and it’s automatically updated whenever a new table is added. So it works in almost the same way as the other two “Service” roles.
Portal Application User gives required permissions to read plugins/steps/etc – it’s, clearly, a service role.
There is a new sheriff in town – It Ain’t Boring
Power Pages is an improved Dataverse connection using a Dataverse Application User. It provides an easy and secure way to connect to any Dataverse environment without having to use the admin user account. This makes it easier for developers, administrators, or other users to access data from multiple sources in a single place.
Power Pages also allows users to easily create custom applications that leverage the power of Dataverse while still following security best practices. Additionally, Power Pages supports multi-user authentication, which means you can assign different levels of permissions depending on who needs access. With this feature, organizations can better control how their data is accessed and shared across teams and departments within their organization.
Jan 8, 2023 — As part of this journey, we are introducing a change in how a Power Pages website connects to Dataverse by leveraging Dataverse Application User ...
Power Platform Power Pages Improved Dataverse connection using Dataverse Application User Introducing a change in how a Power Pages website ...
Or, in our case, there is a new user in Power Pages: Power Pages :: Improved Dataverse connection using Dataverse Application User | Microsoft Power Pages ...