Showing results for 
Search instead for 
Did you mean: 
Not applicable

custom API connection using JWT that expires

We are exploring using powerapps for our organization and are testing out its capabilities. I am working on adding in a connection to on one of the APIs we use the most. For authentication it is passed a JWT through the Authorization header. This JWT is retrieved through a different API call using an API key. The token expires after 5 minutes. In setting up the custom connection I am forced to use the APIkey security method because if I choose no authentication it will not allow me to add an Authorization header. This results in having to make a connection defined by a static API key. I need to be able to update that value at will. Is there a solution or workaround to this? Or is this connection type just not supported and I am just limited to using HTTP requests in a workflow?



Brian Hill

Colorado Christian University

Community Champion
Community Champion

Hi @Anonymous ,

Hope I can assist here. 

RE: "...if I choose no authentication it will not allow me to add an Authorization header..."

You should be able to add an API Key/Access Token to the Request Header

- You'll need the Key name (in the example below, "Access_token" is the key. Just click "Import from sample".image.png



Once you add it to the Request, you can click "Edit" to add the API Key during each test. 


You'll pass the key via PowerApps when you connect the Custom Connector to PowerApps


I've also used Flow to perform this as shown below:


Not applicable

Unfortunately, the header/key name is Authorization which the custom connector creator gives an error on and will not allow.


I had thought about doing one off https requests with this but this isn't the most ideal as it doesn't make for simple reuse.

Hm. I now see what you mean. Looks like the Key name "Authorization" is not allowed.




Looks like PowerApps reserves it for when they send requests using the Azure service-thing:


Some options I can think of:

1. If you have control over the web service (aka: its internal), you could ask your IT folks to change the key name or extend its expiration

2. I've used a variation of the Flow above, but not sure this will help you as the Key is called "token"...



Thats a tough one! 

The problem is you can't make the API Key "Dynamic" when its embedded in the Security part of the CC. The only time you can add a new API key is when the app is opened!

Hm.... Maybe @RandyHayes has an idea? Who else are our Custom Connector masters? Maybe @DavesTechTips ?

I'm facing the same problem. The Header "Authorization" seems to be 'reserved', and you cannot create/use it as your own.


I think the only way this would work, is to not use a custom connector, but add the API call to your flow instead.


Helpful resources

PA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

Power Query PA Forum 768x460.png

Check it out!

Did you know that you can visit the Power Query Forum in Power BI and now Power Apps

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

PowerPlatform 768x460.png

Microsoft Learn

Check out our new Discover Your Career Path blog post series and get all the details.

Users online (1,532)