cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
shahriat
Helper II
Helper II

From the PowerApps portal, how to securely talk to an external API hosted in Azure?

I am working on a poweapps portal, I want to connect my portal with an external API hosted in Azure. 

 

Is it possible and how to accomplish it?

1 ACCEPTED SOLUTION

Accepted Solutions

Hi @shahriat,

This implementation does mostly use JavaScript - from the Portal end. Note that the biggest issue with JavaScript API in the Portal is that you're making everything, including authentication, accessible to a tech-savvy user. For example, if you just pass a username & pass or static credentials to an API from JavaScript, I can easily press F12 and see what you did. Then I can manipulate the data, or throw it into a whole bunch of virtual machines and try to throw thousands of requests at your API, all to try to break the API.

The advantage of the documentation shared is that it relies on generating a coded API request only when the Portal has been setup to make a request to that particular API. But that's only half the problem - now the API needs to decode it. This is where the C# comes in - you need to be able to retrieve the decoding pattern from the Portal, apply it to the coded message, and if everything decodes without breaking then you can guarantee the request came from the trusted source.

View solution in original post

5 REPLIES 5
justinburch
Microsoft
Microsoft

Hi @shahriat,

Yes, but it requires quite a bit of work. Use Microsoft's documentation to get started (https://docs.microsoft.com/en-us/powerapps/maker/portals/oauth-implicit-grant-flow), but ultimately what you'll want to do is create a process in the Azure API (or use a middle layer) to validate the request is coming from the Portal and, therefore, to authenticate the bearer token. This uses the Portal's public key to identify that the request was created from the private key, so doesn't actually need access to the authentication service.

Hi Justin,

Thanks a lot for your reply. The documentation you provided I already have seen and they have sample for c# code. Since I am new in portal so not sure how to implement c# code in portal. Do you suggest some Javascript sample? And do you know about adal js library and will it work? 

 

Your explanation is still quite confusing to me.

Hi @shahriat,

This implementation does mostly use JavaScript - from the Portal end. Note that the biggest issue with JavaScript API in the Portal is that you're making everything, including authentication, accessible to a tech-savvy user. For example, if you just pass a username & pass or static credentials to an API from JavaScript, I can easily press F12 and see what you did. Then I can manipulate the data, or throw it into a whole bunch of virtual machines and try to throw thousands of requests at your API, all to try to break the API.

The advantage of the documentation shared is that it relies on generating a coded API request only when the Portal has been setup to make a request to that particular API. But that's only half the problem - now the API needs to decode it. This is where the C# comes in - you need to be able to retrieve the decoding pattern from the Portal, apply it to the coded message, and if everything decodes without breaking then you can guarantee the request came from the trusted source.

View solution in original post

Hi Justin, I have implemented their sample code and getting this error: {"xxxxxx: Audience validation failed. Audiences: ''. Did not match: validationParameters.ValidAudience: 'xxxxxxxxxxxxxxxxxx' or validationParameters.ValidAudiences: 'null'."} not sure I have missed anything, I am getting token using token endpoint. Could you please help me why I am getting this error in my API?

Helpful resources

Announcements
PA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

Power Query PA Forum 768x460.png

Check it out!

Did you know that you can visit the Power Query Forum in Power BI and now Power Apps

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

PowerPlatform 768x460.png

Microsoft Learn

Check out our new Discover Your Career Path blog post series and get all the details.

Users online (1,113)