cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
etuell
Frequent Visitor

Best place to store bearer token

‎04-08-2022 10:28 AM

Background:

I have a power app that uses many Power Automate Flows to make API calls to the same entity. I have a different flow for each type of API call that I need to make. Each API call requires the Bearer Token to be passed in the header. On each flow, I have a process that requests the Bearer Token. I store it in a variable then pass it in the header. All the API calls work but the problem is that the endpoint limits the number of bearer tokens issued per minute. The bearer token also expires after 60 minutes.

 

What I'd like to do is create a new flow that runs on a schedule (every 60 minutes) and securely stores the bearer token somewhere. Once a flow is ran, it retrieves the bearer token and passes it in the header of each API call. Is this a good way of doing this? If so, where is the best place to store the bearer token. I'm open to any and all ideas.

 

Here is what I'm doing now in all of my flows.

 

etuell_0-1649438927431.png

 

 

 

Message 1 of 4
1,424 Views
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
etuell
Frequent Visitor

‎04-12-2022 04:10 PM

I did find a solution that worked for me. I was able to follow this article https://www.c-sharpcorner.com/article/how-to-access-azure-key-vault-secrets-through-rest-api-using-p...

and did all the testing in Postman. I then transferred everything from Postman into Power Automate. Here is how it's working now and it works great. This solution does require Premium HTTP actions which I have purchased a flow license for.

 

  • Power Automate Flow runs on a schedule (every 45 minutes)
  • Reaches to an API endpoint and get a bearer token and stores it in a variable. (this is the one I want to store in key vault)
  • Reaches out to Microsoft and gets a bearer token
  • Uses Microsoft's bearer token to connect to the Azure Key Vault
  • Sets the secret's value ( I used this article - https://docs.microsoft.com/en-us/rest/api/keyvault/secrets/set-secret/set-secret)

All of my flows now get the Bearer Token from the key vault instead of getting it on every API call.

 

View solution in original post

Message 3 of 4
1,398 Views
3 REPLIES 3
etuell
Frequent Visitor

‎04-12-2022 09:56 AM

An update to give a little more detail. I am currently storing the API client ID and secret in Azure Key Vault. I can retrieve the those items from Power Automate easily. I thought about storing the bearer token in Azure Key Vault as well but Power Automate does not seem to have native connector to create or update an object on the Azure Key Vault. 

 

I would like to see what other people have done in this situation. Where do bearer token normally get stored?

Message 2 of 4
1,404 Views
etuell
Frequent Visitor

‎04-12-2022 04:10 PM

I did find a solution that worked for me. I was able to follow this article https://www.c-sharpcorner.com/article/how-to-access-azure-key-vault-secrets-through-rest-api-using-p...

and did all the testing in Postman. I then transferred everything from Postman into Power Automate. Here is how it's working now and it works great. This solution does require Premium HTTP actions which I have purchased a flow license for.

 

  • Power Automate Flow runs on a schedule (every 45 minutes)
  • Reaches to an API endpoint and get a bearer token and stores it in a variable. (this is the one I want to store in key vault)
  • Reaches out to Microsoft and gets a bearer token
  • Uses Microsoft's bearer token to connect to the Azure Key Vault
  • Sets the secret's value ( I used this article - https://docs.microsoft.com/en-us/rest/api/keyvault/secrets/set-secret/set-secret)

All of my flows now get the Bearer Token from the key vault instead of getting it on every API call.

 

Message 3 of 4
1,399 Views
Paulhins8675309
New Member
In response to etuell

‎01-09-2023 12:54 PM

Interesting solution. Does this work with a Power BI gateway so that you can use the bearer tokens to access APIs through functions and headers in Power BI transformations? 

Message 4 of 4
459 Views
0 Kudos

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Community Calls Conversations

Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

View All
Users online (3,539)