cancel
Showing results for 
Search instead for 
Did you mean: 
nagaraja2026

Using Service Principal in Power Automate/Flow

Any CDS trigger or action requires a connection to CDS environment.

While adding connection, we can choose to sign in with individual user account or Service Principal.

If we choose to sign in with individual user , CDS action runs in that user context and in auditing it shows as the user performed that action.

It may cause problems in some scenarios like audit checks/troubleshooting.

So better way to do it is sign in with service principal / application user. By creating service principal, we are indirectly creating an identification for the flow.

A service principal is created by registering an Azure AD application and then creating a corresponding application user in CDS.

When you use an application user/service principal on the CDS connector all actions are performed by that user on behalf of organization users who are triggering the flow by performing some action (Which is called impersonation ).

Application users get the permissions from the security roles associated with the CDS app user. 

Below steps are required to create Service Principal / Application user.

Step 1: Register your application in Azure Active Directory.

Refer this article from Microsoft docs to create application in Azure AD. And note down client id/application id, client secret , tenant id .

Step 2 : Create application user in CDS environment and assign security role(custom).

Refer this article from Microsoft docs to create application user and assign security role.

Step 3: Add new connection and sign in with service principal in flow.

image.png

 

image.png

 

Enter client id/application id, client secret, tenant/directory id that we got from Step 1 and click on create.

image.png

That’s it .

Hope it helps.

Original post from my blog : https://powerofpowerplatform.com/using-service-principal-in-power-automate-flow/

 

Comments

What happens when the secret expires? Will all the flows stop working? 

@branthat just happened for me - all flows stopped working due to an expired client secret.

 

And there is no way you can update the the client secret for an existing service principal in Power Automate. You need to create a new one. And as far as I can see - there is also no easy way to replace all connections with the new service principal. 

 

Using the 'Switch account' functionality under connections will expect a normal user with a username and password. 

 

Meet Our Blog Authors
  • Experienced Consultant with a demonstrated history of working in the information technology and services industry. Skilled in Office 365, Azure, SharePoint Online, PowerShell, Nintex, K2, SharePoint Designer workflow automation, PowerApps, Microsoft Flow, PowerShell, Active Directory, Operating Systems, Networking, and JavaScript. Strong consulting professional with a Bachelor of Engineering (B.E.) focused in Information Technology from Mumbai University.
  • I am a Microsoft Business Applications MVP and a Senior Manager at EY. I am a technology enthusiast and problem solver. I work/speak/blog/Vlog on Microsoft technology, including Office 365, Power Apps, Power Automate, SharePoint, and Teams Etc. I am helping global clients on Power Platform adoption and empowering them with Power Platform possibilities, capabilities, and easiness. I am a leader of the Houston Power Platform User Group and Power Automate community superuser. I love traveling , exploring new places, and meeting people from different cultures.
  • Blog site: https://ganeshsanapblogs.wordpress.com/ MCT | SharePoint, Microsoft 365 and Power Platform Consultant | Contributor on SharePoint StackExchange, Techcommunity
  • Encodian Owner / Founder - Ex Microsoft Consulting Services - Architect / Developer - 20 years in SharePoint - PowerPlatform Fan
  • I am the Owner/Principal Architect at Don't Pa..Panic Consulting. I've been working in the information technology industry for over 30 years, and have played key roles in several enterprise SharePoint architectural design review, Intranet deployment, application development, and migration projects. I've been a Microsoft Most Valuable Professional (MVP) 12 consecutive years and am also a Microsoft Certified SharePoint Masters (MCSM) since 2013.
  • Big fan of Power Platform technologies and implemented many solutions.
  • Passionate #Programmer #SharePoint #SPFx #M365 #Power Platform| Microsoft MVP | SharePoint StackOverflow, Github, PnP contributor
  • Web site – https://kamdaryash.wordpress.com Youtube channel - https://www.youtube.com/channel/UCM149rFkLNgerSvgDVeYTZQ/