cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
RyanW7
Advocate II
Advocate II

Header token authentication with an on-premise API?

Hello all,

 

I am trying to create a PowerApps front-end to an internal network API that is not internet accessible.

 

I can hit the API endpoints by enabling Data Gateway on the PowerApps Custom Connector, but this limits the forms of authentication I can use down to Windows and Basic.

 

As I've read up on, it appears for APIs that use a bearer token in the header authentication, there is a need to have the "API Key" authentication method selected when creating the Custom Connector, however this isn't available when using the Data Gateway. See: https://powerusers.microsoft.com/t5/Connecting-To-Data/Using-API-Key-Authentication-Type-While-Conne...

 

Without exposing this API directly to the Internet, is there any options that I'm failing to think of that someone can suggest?

Thank you!

8 REPLIES 8
v-litu-msft
Community Support
Community Support

Hi @RyanW7,

 

What authentication methods does your data source support?

There is a post about Authorization Bearer in Header, I hope it could help you something:

https://powerusers.microsoft.com/t5/Connecting-To-Data/Authorization-Bearer-in-Header-Custom-Connect... 

Best Regards,
Community Support Team _ Lin Tu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Hello @v-litu-msft 

 

I did see that post and that method  is exactly what I'm trying to accomplish,

the problem I am facing is you cannot use 'API Key' authentication if you enable 'Data Gateway'.

 

The reason 'Data Gateway' is needed is because my API endpoint is within a private network space and not publicly hosted.

 

My application creates a bearer token for authentication via:

POST https://myapisever.internal.com/login

Headers: Content-Type application/json

Body:

{

  "username": "user",

  "password": "password"

}

 

The response is as such with a body of:

{

  "access_token": "<authentication token>"

}

 

That <authentication token> needs to be in the header of any further API calls past logging in.

 

Does that help clarify?

SamPo
Impactful Individual
Impactful Individual

@RyanW7 Did you ever find a way to do this?

Also having the same issue...

yasminSarbaoui
Microsoft
Microsoft

Hey there @RyanW7 , did you solve this issue ?

shyamsu
Power Automate
Power Automate

@yasminSarbaoui what auth type does your API support? For APIKey auth, you can try SetHeader or SetQueryParameter policy template : https://docs.microsoft.com/en-us/connectors/custom-connectors/policy-templates

 

@shyamsu just found out that we are on self signed scenario. 

shyamsu
Power Automate
Power Automate

@yasminSarbaoui by self signed, do you mean self signed certificate?

Hello @yasminSarbaoui  and @SamPo, No this remains unresolved.

There is currently no supported function to do header token authentication within a custom API connector that is on-premise. The only workarounds I have seen are to expose the API to the public Internet, OR to set it as 'No Authentication' and attempt to use a raw HTTP calls to provide the header which appears to be blocked as well.

2020-11-30 11_27_55-Power Apps.png2020-11-30 11_28_23-Power Apps.png

Helpful resources

Announcements
MPA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

MSFTBizAppsLaunchEvent

Experience what’s next for Power Virtual Agents

See the latest Power Automate innovations, updates, and demos from the Microsoft Business Applications Launch Event.

New Super Users

Meet the Power Automate Super Users!

Many congratulations to the Season 1 2021 Flownaut Crew!

Power Platform ISV STudio

Power Platform ISV Studio

ISV Studio is the go-to Power Platform destination for ISV’s to monitor & manage applications post-AppSource publish.

Users online (71,764)