Showing results for 
Search instead for 
Did you mean: 
Frequent Visitor

Audit run data for a Flow

I can see run data in the run history of Flows in the admin centre. How can I get to that data programmatically?

Given we cannot easily restrict which instances of services that a Flow connects to with a connector, I wish to monitor where Flows transfer data to. The Office 365 audit log only captures changes to Flows, not the actual running instance data.



Regular Visitor



I get the same issue did you get any fix ?


-Endpoint "tip1"

-TenantID YYY

-ClientSecret XXX

-ApplicationId ZZZZ


Code : 403
Description : Forbidden
Headers : {Pragma, Strict-Transport-Security, x-ms-request-id, x-ms-correlation-request-id...}
Error : @{code=Forbidden; message=The service principal with id 'XXX' for
application YYY does not have permission to access the path 'https://tip
on=2016-11-01' in tenant XXX.}
Errors :

Try without the EndPoint param

same error


CommonDataServiceDatabaseProvisioningState :
CommonDataServiceDatabaseType : None
Internal : @{StatusCode=403; StatusDescription=Forbidden; Headers=Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-ms-request-id: xxxxxx
x-ms-correlation-request-id: 739ca3dc-be16-4bb5-a821-2d9fc35976b9
Connection: close
Content-Length: 406
Cache-Control: no-cache, no-store
Content-Type: application/json; charset=utf-8
Date: Fri, 21 Jan 2022 19:28:40 GMT
Expires: -1

; Error=; Message=The service principal with id 'xxx' for application
c56bc62a-40db-4900-c does not have permission to access the path '
rs/Microsoft.BusinessAppPlatform/scopes/admin/environments/~default?$expand=permissions&api-version=2016-11-01' in
tenant 53da83ccccccccccc.; Internal=System.Net.HttpWebResponse}

Did you grant D365 privileges to the service principal/app registration? Here are the steps: 



registered in here as env maker, system admin etc



and azure

using client id + secret







run command as

Add-PowerAppsAccount -TenantID 53da8350-xxx -ClientSecret 14G7Q~xxx -ApplicationId c56bc62a-XXX




Is you 2nd screenshot, you've haven't provided access to Dynamics CRM. 

thank you, it is not the 1st line API permission Dynamics CRM?


trying to enable/disable flows is there any other permission that env maker ?


Apologies for late reply. What do you mean "it is not the 1st line API permission Dynamics CRM"?
Also by enable/disable flows, possible to ellaborate on what you trying to do. Probably be best in another post as this one was for getting audit data programmatically. Cheers 🙂

Helpful resources

PA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

This training provides practical hands-on experience in creating Power Apps solutions in a full-day of instructor-led App creation workshop.

Microsoft Build 768x460.png

Microsoft Build is May 24-26. Have you registered yet?

Come together to explore latest innovations in code and application development—and gain insights from experts from around the world.

Users online (2,231)