cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
lgtrn
Regular Visitor

How to connect custom API using own OAuth2 in Microsoft Power Automate?

I've been trying to connect Microsoft Power Automate to my API. My API has a OAuth2 Code Flow.
According to Power Automate, the connector can make a connection to my API. and execute a test. But the problem is that Microsoft sends a Bearer token that was generated by them, and not the one that I gave to them via OAuth2, resuting on my API giving a 401 Error (Invalid Token) as expected.


In the Power Automate Custom Connector page, in the security tab I have the following:

Authentication type

OAuth2.0

OAuth2.0 Settings

- Identity Provider: Generic OAuth2
- Client ID: SomeValue
- ClientSecrect: SomeValue
- Authorization URL: mydomain.com/auth/authorize
- Token URL: mydomain.com/auth/token
- Refresh URL mydomain.com/auth/token
- Redirect URL: microsoft-flow.com/redirect (Not the real one)


When Microsoft makes a POST request to "mydomain.com/auth/token", I return the following body:

 

{
access_token: "non JWT token", // simillar to a hash
refresh_token: "non JWT token",
expires_in: 3600
}

 


The request above is final request that microsoft before accepting as a valid connection. The token that microsoft sends me is a JWT one, not the one I provided.

I've seen some guys using Azure AD authentication within the APP, but I was trying to implement something simillar to other platoforms(e.g Github, Spotify, e.t.c)

So my question is it possible to connect Power Automate to a custom API using OAuth2? If yes, how to do it?

 

1 ACCEPTED SOLUTION

Accepted Solutions
lgtrn
Regular Visitor

I've done two steps to fix this problem:

 

Step 1

Previously my API returned the body with access_token, refresh_token and expires_in, but then I added scope and token_type. Example:

{
     access_token: "4468e5deabf5e6d0740cd1a77df56f67093ec943",
     refresh_token: "4fa483e6ab5ecec2eed4837cb0c3e0ef2292fe27",
     expires_in: 3600,
     scope: "none",
     token_type: "Bearer"
}

 

Step 2

Delete the custom connector and create new one with the same parameters. When I got to the "Test" section, Power automate finally could make the GET request successfully.

 

In my case, even if the API was updated, Power automate was still using the faulty token, so I had to delete the custom connector and create new one.

 

Conclusion

By updating the API and deleting the old custom connector, I was able to get the connector working.

View solution in original post

1 REPLY 1
lgtrn
Regular Visitor

I've done two steps to fix this problem:

 

Step 1

Previously my API returned the body with access_token, refresh_token and expires_in, but then I added scope and token_type. Example:

{
     access_token: "4468e5deabf5e6d0740cd1a77df56f67093ec943",
     refresh_token: "4fa483e6ab5ecec2eed4837cb0c3e0ef2292fe27",
     expires_in: 3600,
     scope: "none",
     token_type: "Bearer"
}

 

Step 2

Delete the custom connector and create new one with the same parameters. When I got to the "Test" section, Power automate finally could make the GET request successfully.

 

In my case, even if the API was updated, Power automate was still using the faulty token, so I had to delete the custom connector and create new one.

 

Conclusion

By updating the API and deleting the old custom connector, I was able to get the connector working.

View solution in original post

Helpful resources

Announcements
MPA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

V3_PVA CAmpaign Carousel.png

Community Challenge - Giveaways!

Participate in the Power Virtual Agents Community Challenge

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

PowerPlatform 768x460.png

Microsoft Learn

Check out our new Discover Your Career Path blog post series and get all the details.

Users online (2,666)