cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
rpiwetz
Advocate I
Advocate I

Authorization Bearer in Header - Custom Connector

I have created a custom connector that is connecting to a vendor's API.  I have unauthenticated GET methods working, but now am working on some POSTs and am running into an issue with putting "Authorization: Bearer token_value" in the header.  Even on the unauthenticated GET calls, I can see in the request header that "Authorization: Bearer some_token_value" is already there.  I've tried setting the Header in my POST call, but then I get the error: "Message": "Error from ASE: Bad authorization header scheme".

 

I can see that the request header has my token_value and so it appears I'm not allowed to set the header that way.  What is the right way to send my "Authorization: Bearer token_value" to the API?

 

Thank you.

25 REPLIES 25

May I Know how to get that?

Hi Yoshi1

 

I can't thank you enough for taking the time to post this response. I applied your solution as described and it works like an absolute charm!!  I battled for months before I found you, but it is exactly what I needed.

 

May the world send good things your way.

Regards

Lael

luisan
Regular Visitor

Hello LaelLheeh, can u explain how you got that?

 

I think im facing the same problem.

 

I need a connector who makes login to get bearer token and then with this bearer token make the calls.

 

Thank you so much in advance!

Hi @luisan 

Go back to Pg 1 in the replies to this query and look for @Yoshi1 's response. He has screen shots and a description of how to do it.  It took me a while but after following his steps meticulously I got it to work. Give it a bash and come back if you still battle - then I can try and screenshare to assist.

Looks like this - quite easy to spot - but buried in all the replies - scroll until you see it.

LaelLeeH_0-1673886484279.png

Good luck. Was such a pleasure to get mine working!!

luisan
Regular Visitor

Hi @LaelLeeH 

 

Thank you for your answer.

 

I saw @Yoshi1 answer but i have some doubts about that.

 

My situation is this: I have a web app with their API. I would like to connect this API to Power BI so my users can download a report from my web app and edit the report with their own data. I tried to connect the API but Basic auth does not work for my API... I think thats because my Login method is a POST... I made a custom connector but creds are easy to see If u decompress the connector. My API needs to Login with Basic auth to get Bearer token and then make the calls to the API. This initial creds to generate the Bearer token are different for each user so... Maybe I have to create multiple custom connectors in Power Apps, one for each user? I've been trying for many months without success. Do You think this is possible in a good way?

 

This is the only thread where I think I can find some light.

 

Thanks for all and have a nice day!

LaelLeeH
Helper I
Helper I

Hi @luisan 

My situation is the same as yours I think.  My app connects to a 3rd party app through a custom connector. 3rd party app requires each user to have their own "Bearer-Token".  I have these "Bearer-Tokens" secured by my app and I pass them as a parameter to the Custom Connector.  It also took me months of searching before I found this thread, and finally got it right, so don't despair!!  I will try and elaborate below.

 

Firstly, inside your Custom Connector config, in "2.Security", set Authentication to "No Authentication Required" 

LaelLeeH_1-1674122777061.png

We will authenticate later by sending the "Bearer-Token" as a parameter to the connector.

 

To set this parameter up, you need to go to "3. Definition", and set up a "Policy" (look on the bottom right hand side, below Actions and References.

 

LaelLeeH_2-1674122917824.png

 

Select New Policy and then configure it as follows. I called mine "Bearer-Token" but you can call it whatever you like.

LaelLeeH_3-1674122990362.png

Then, if I recall correctly, you need to edit Swagger and add the following: (this step might not be needed if you update your connector after adding the policy, but just check this is in the Swagger anyway - add it if it is not in there because I know that this works)

 

So to get into Swagger you simply switch on the toggle in your Custom Connector header.  Once it has opened, search for you call (Action/Operation), and then add the following to the parameters section in the swagger.  

 

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

I added it between Content-Type and Body. I have no idea if this is relevant or not - but just in case, for context, it fits in to the greater scheme of things here:

parameters:

      - {name: Content-Type, in: header, required: false, type: string, default: application/json,

        description: Content-Type}

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

      - name: body

        in: body

        schema:

          type: object

 

Note that Abcdefg ... is simply a placeholder for the Bearer-Token that you will use later. I actually used a valid one, but just can't share that here for obvious reasons. So replace  Abcdefg ... (after the word Bearer and a space) with one of your valid tokens). Again not sure if this is necessary, but it is what I did to get it working.

Then make sure to Update connector.

 

Now if you go back to 3. Definition, and select your Action, you will see you have a new Header (mine was called "Bearer-Token" (yours will be the same as your chosen policy name).

LaelLeeH_4-1674123397304.png

If that all looks good, then go to "5.Test" to test it.

Just an aside, if you haven't created a connection yet, you may have to do that first.

 You will see you get asked to enter the parameters. Mine asks for Content-Type and Bearer-Token.  Whatever you put in Bearer-Token seems to over-write what you put in the swagger.

LaelLeeH_5-1674124001819.png

If that works then you are done. You can now call your connector from anywhere and it will ask you for your "Bearer-Token" as a parameter, just as you do for "Content-Type"

 

Hope this gets you on the road. Shout of you have any further queries.

Regards

Lael

 

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Community Calls Conversations

Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Top Solution Authors
Users online (3,966)