cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Regular Visitor

Accessing on-premise JWT-secured REST API exposed through Azure App Proxy

Good day all,

Please bear with me as I'm very new to this and after trying to follow through a few blog posts, I'm not any closer to a solution. Also, please, keep in mind that I have zero visibility at the Azure side of things, so your guidance may just be something I need to ask that team to do for me; which would be fine.

I'm trying to use Power Automate to reach a REST API exposed through Azure App Proxy. I thought that because as a user of the flow I'm already logged in, I could just use the HTTP action to request a JWT from the API. When my flow runs, it fails and I can see in the Run History that it has redirected the call to http://login.microsoftonline.com/.../.

1. So, I understand that authentication to Azure is not happening seamlessly? Is there no way to use the signed-in user's credentials to go through the proxy? All employees have access to the exposed API (I've been told). 

2. Assuming that the above is correct (i.e. that's the expected behaviour), am I also correct to believe that there are two ways I can go about achieving this connection? a. with an HTTP with Azure connection and b. with an action inside my flow?

Lets park the first option as I read that it doesn't handle raw binary format requests. Focusing on the second option, the action inside my flow, I've read a few things about this and have tried to post to /oauth2/token and /oauth2/athorize (following different blog posts) but I'm not getting anywhere. 

Segluca's post "Generate an Azure OAuth2.0 Token from a "service"" which calls /oauth2/token, provides client and secret IDs as part of the request to recieve back a token to use with subsequent calls. 

3. I understand I get these IDs from an App Registration which will not be the same as the App that was published in the Azure App Proxy? Is that correct?

4. Assuming that they register a new App so that I can use those details to authenticate and get the token, I will then need to make a call to the actual JWT-secured API to get another token for subsequent calls to the actual REST API. Is it possible to use Power Automate to get and use both these tokens with each subsequent request?

I understand this is long and quite theoretic and will probably put off a lot of people would could otherwise help, but any guidance will be greatly appreciated.

Thank you for any help you can provide me with.

2 REPLIES 2
Highlighted
Community Support
Community Support

Re: Accessing on-premise JWT-secured REST API exposed through Azure App Proxy

Hi,

 

Typically when you use exposed endpoints like this most people will elect to use the HTTP connector instead of the Azure connector. In addition I think your Azure connector might be set up incorrectly since if you set it up correctly it should not be directing to our online environment but without seeing it I cannot be certain. Both the HTTP Azure connection and the regular Azure connection should work as long as they are both set up correctly. As for your last two questions it depends alot on what you are trying to do and how you are building your flow. Overall this might be a better question for the Microsoft Support team. I will include a link below; on how to open a case with them. Otherwise if any other communities members might know the answer to these last two questions feel free to chime in.

 

If you would like to create a ticket with Microsoft Customer Support here is a link on how to do so: https://docs.microsoft.com/en-us/power-platform/admin/get-help-support

 

Regards,

 

Alex

 

-------

 

Community Support Team _ Alex Rezac
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Highlighted
Regular Visitor

Re: Accessing on-premise JWT-secured REST API exposed through Azure App Proxy

Thank you @alrez this all makes sense actually. I'm still waiting for the Azure team to look into it, but thank you for the link to submit my question to MS Support. I'll get back to this as soon as I have an answer from the team. Hopefully, it'll be as you said and we can mark this as the solution.

Helpful resources

Announcements
firstImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

firstImage

Join the new Power Virtual Agents Community!

We are excited to announce the launch of Power Virtual Agents Community. Check it out now!

firstImage

New & Improved Power Automate Community Cookbook

We've updated and improved the layout and uploading format of the Power Automate Cookbook!

thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

Users online (10,665)