cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Authorization Bearer in Header - Custom Connector

I have created a custom connector that is connecting to a vendor's API.  I have unauthenticated GET methods working, but now am working on some POSTs and am running into an issue with putting "Authorization: Bearer token_value" in the header.  Even on the unauthenticated GET calls, I can see in the request header that "Authorization: Bearer some_token_value" is already there.  I've tried setting the Header in my POST call, but then I get the error: "Message": "Error from ASE: Bad authorization header scheme".

 

I can see that the request header has my token_value and so it appears I'm not allowed to set the header that way.  What is the right way to send my "Authorization: Bearer token_value" to the API?

 

Thank you.

36 REPLIES 36
Anonymous
Not applicable

May I Know how to get that?

Hi Yoshi1

 

I can't thank you enough for taking the time to post this response. I applied your solution as described and it works like an absolute charm!!  I battled for months before I found you, but it is exactly what I needed.

 

May the world send good things your way.

Regards

Lael

Anonymous
Not applicable

Hello LaelLheeh, can u explain how you got that?

 

I think im facing the same problem.

 

I need a connector who makes login to get bearer token and then with this bearer token make the calls.

 

Thank you so much in advance!

Hi @Anonymous 

Go back to Pg 1 in the replies to this query and look for @Yoshi1 's response. He has screen shots and a description of how to do it.  It took me a while but after following his steps meticulously I got it to work. Give it a bash and come back if you still battle - then I can try and screenshare to assist.

Looks like this - quite easy to spot - but buried in all the replies - scroll until you see it.

LaelLeeH_0-1673886484279.png

Good luck. Was such a pleasure to get mine working!!

Anonymous
Not applicable

Hi @LaelLeeH 

 

Thank you for your answer.

 

I saw @Yoshi1 answer but i have some doubts about that.

 

My situation is this: I have a web app with their API. I would like to connect this API to Power BI so my users can download a report from my web app and edit the report with their own data. I tried to connect the API but Basic auth does not work for my API... I think thats because my Login method is a POST... I made a custom connector but creds are easy to see If u decompress the connector. My API needs to Login with Basic auth to get Bearer token and then make the calls to the API. This initial creds to generate the Bearer token are different for each user so... Maybe I have to create multiple custom connectors in Power Apps, one for each user? I've been trying for many months without success. Do You think this is possible in a good way?

 

This is the only thread where I think I can find some light.

 

Thanks for all and have a nice day!

LaelLeeH
Helper II
Helper II

Hi @Anonymous 

My situation is the same as yours I think.  My app connects to a 3rd party app through a custom connector. 3rd party app requires each user to have their own "Bearer-Token".  I have these "Bearer-Tokens" secured by my app and I pass them as a parameter to the Custom Connector.  It also took me months of searching before I found this thread, and finally got it right, so don't despair!!  I will try and elaborate below.

 

Firstly, inside your Custom Connector config, in "2.Security", set Authentication to "No Authentication Required" 

LaelLeeH_1-1674122777061.png

We will authenticate later by sending the "Bearer-Token" as a parameter to the connector.

 

To set this parameter up, you need to go to "3. Definition", and set up a "Policy" (look on the bottom right hand side, below Actions and References.

 

LaelLeeH_2-1674122917824.png

 

Select New Policy and then configure it as follows. I called mine "Bearer-Token" but you can call it whatever you like.

LaelLeeH_3-1674122990362.png

Then, if I recall correctly, you need to edit Swagger and add the following: (this step might not be needed if you update your connector after adding the policy, but just check this is in the Swagger anyway - add it if it is not in there because I know that this works)

 

So to get into Swagger you simply switch on the toggle in your Custom Connector header.  Once it has opened, search for you call (Action/Operation), and then add the following to the parameters section in the swagger.  

 

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

I added it between Content-Type and Body. I have no idea if this is relevant or not - but just in case, for context, it fits in to the greater scheme of things here:

parameters:

      - {name: Content-Type, in: header, required: false, type: string, default: application/json,

        description: Content-Type}

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

      - name: body

        in: body

        schema:

          type: object

 

Note that Abcdefg ... is simply a placeholder for the Bearer-Token that you will use later. I actually used a valid one, but just can't share that here for obvious reasons. So replace  Abcdefg ... (after the word Bearer and a space) with one of your valid tokens). Again not sure if this is necessary, but it is what I did to get it working.

Then make sure to Update connector.

 

Now if you go back to 3. Definition, and select your Action, you will see you have a new Header (mine was called "Bearer-Token" (yours will be the same as your chosen policy name).

LaelLeeH_4-1674123397304.png

If that all looks good, then go to "5.Test" to test it.

Just an aside, if you haven't created a connection yet, you may have to do that first.

 You will see you get asked to enter the parameters. Mine asks for Content-Type and Bearer-Token.  Whatever you put in Bearer-Token seems to over-write what you put in the swagger.

LaelLeeH_5-1674124001819.png

If that works then you are done. You can now call your connector from anywhere and it will ask you for your "Bearer-Token" as a parameter, just as you do for "Content-Type"

 

Hope this gets you on the road. Shout of you have any further queries.

Regards

Lael

 

Anonymous
Not applicable

Can you add a screenshot of the Powerautomate custom connection, to help understand it better?

Hi there,

Thanks for the solution, but in my case, there is no Policy section available in the custom connector setup, do you have any idea? am I missing anything? I appreciate your insights here.

 

Thanks,

Aravindh

Hi @Aravindh . In my case I see it on the Definitions tab (tab 3) of the connector config.  Scroll down right to the bottom. It is the last section in the left hand pane. See screenshot below:

 

LaelLeeH_0-1682051599230.png

 

 

This solution is working for me, here I need hight light the point is step#6. we need type in with "Bearer " before the api key. If no this keyword, will face 401 error

Bruce_Wang_0-1682836895486.png

 

RunningSenior
Frequent Visitor

@Yoshi1 Did you get this to work even on "Get" Requests? Or only on "Post" Method?

Thanks so much for your reply, it really helped me solve my issue!

👍

Hi @Anonymous ,

I have the same problem like you. I have a an API from a service and I need to call it. In order to do this they have another url with basic auth in order to get a bearer token and then use it as authorization in my call. I am not a developer and doing this for my family business.. Do you mind if you can guide me how you did that step by step?

Anonymous
Not applicable

For some reason both headers are being sent (with different values?!), which causes failures in my call:

Ricalex_0-1693063417788.png


Does anyone know what can I be missing? I've selected 'No Authentication' in the Security tab.

Hello,

I lost two days just to figure it out that in access-token you should not only post the token. The value that goes in access-token is "Bearer access-token" no double quotes.

Thanks for the solution

@Anonymous, I'm getting the same behavior. Did you ever figure it out?

boww1
Frequent Visitor

this one works for me, thank you, yoshi!

Helpful resources

Announcements

Celebrating the May Super User of the Month: Laurens Martens

  @LaurensM  is an exceptional contributor to the Power Platform Community. Super Users like Laurens inspire others through their example, encouragement, and active participation. We are excited to celebrated Laurens as our Super User of the Month for May 2024.   Consistent Engagement:  He consistently engages with the community by answering forum questions, sharing insights, and providing solutions. Laurens dedication helps other users find answers and overcome challenges.   Community Expertise: As a Super User, Laurens plays a crucial role in maintaining a knowledge sharing environment. Always ensuring a positive experience for everyone.   Leadership: He shares valuable insights on community growth, engagement, and future trends. Their contributions help shape the Power Platform Community.   Congratulations, Laurens Martens, for your outstanding work! Keep inspiring others and making a difference in the community!   Keep up the fantastic work!        

Check out the Copilot Studio Cookbook today!

We are excited to announce our new Copilot Cookbook Gallery in the Copilot Studio Community. We can't wait for you to share your expertise and your experience!    Join us for an amazing opportunity where you'll be one of the first to contribute to the Copilot Cookbook—your ultimate guide to mastering Microsoft Copilot. Whether you're seeking inspiration or grappling with a challenge while crafting apps, you probably already know that Copilot Cookbook is your reliable assistant, offering a wealth of tips and tricks at your fingertips--and we want you to add your expertise. What can you "cook" up?   Click this link to get started: https://aka.ms/CS_Copilot_Cookbook_Gallery   Don't miss out on this exclusive opportunity to be one of the first in the Community to share your app creation journey with Copilot. We'll be announcing a Cookbook Challenge very soon and want to make sure you one of the first "cooks" in the kitchen.   Don't miss your moment--start submitting in the Copilot Cookbook Gallery today!     Thank you,  Engagement Team

Announcing Power Apps Copilot Cookbook Gallery

We are excited to share that the all-new Copilot Cookbook Gallery for Power Apps is now available in the Power Apps Community, full of tips and tricks on how to best use Microsoft Copilot as you develop and create in Power Apps. The new Copilot Cookbook is your go-to resource when you need inspiration--or when you're stuck--and aren't sure how to best partner with Copilot while creating apps.   Whether you're looking for the best prompts or just want to know about responsible AI use, visit Copilot Cookbook for regular updates you can rely on--while also serving up some of your greatest tips and tricks for the Community. Check Out the new Copilot Cookbook for Power Apps today: Copilot Cookbook - Power Platform Community.  We can't wait to see what you "cook" up!    

Welcome to the Power Automate Community

You are now a part of a fast-growing vibrant group of peers and industry experts who are here to network, share knowledge, and even have a little fun.   Now that you are a member, you can enjoy the following resources:   Welcome to the Community   News & Announcements: The is your place to get all the latest news around community events and announcements. This is where we share with the community what is going on and how to participate.  Be sure to subscribe to this board and not miss an announcement.   Get Help with Power Automate Forums: If you're looking for support with any part of Power Automate, our forums are the place to go. From General Power Automate forums to Using Connectors, Building Flows and Using Flows.  You will find thousands of technical professionals, and Super Users with years of experience who are ready and eager to answer your questions. You now have the ability to post, reply and give "kudos" on the Power Automate community forums. Make sure you conduct a quick search before creating a new post because your question may have already been asked and answered. Galleries: The galleries are full of content and can assist you with information on creating a flow in our Webinars and Video Gallery, and the ability to share the flows you have created in the Power Automate Cookbook.  Stay connected with the Community Connections & How-To Videos from the Microsoft Community Team. Check out the awesome content being shared there today.   Power Automate Community Blog: Over the years, more than 700 Power Automate Community Blog articles have been written and published by our thriving community. Our community members have learned some excellent tips and have keen insights on the future of process automation. In the Power Automate Community Blog, you can read the latest Power Automate-related posts from our community blog authors around the world. Let us know if you'd like to become an author and contribute your own writing — everything Power Automate-related is welcome.   Community Support: Check out and learn more about Using the Community for tips & tricks. Let us know in the Community Feedback  board if you have any questions or comments about your community experience. Again, we are so excited to welcome you to the Microsoft Power Automate community family. Whether you are brand new to the world of process automation or you are a seasoned Power Automate veteran - our goal is to shape the community to be your 'go to' for support, networking, education, inspiration and encouragement as we enjoy this adventure together.     Power Automate Community Team

Hear what's next for the Power Up Program

Hear from Principal Program Manager, Dimpi Gandhi, to discover the latest enhancements to the Microsoft #PowerUpProgram, including a new accelerated video-based curriculum crafted with the expertise of Microsoft MVPs, Rory Neary and Charlie Phipps-Bennett. If you’d like to hear what’s coming next, click the link below to sign up today! https://aka.ms/PowerUp  

Tuesday Tip | How to Report Spam in Our Community

It's time for another TUESDAY TIPS, your weekly connection with the most insightful tips and tricks that empower both newcomers and veterans in the Power Platform Community! Every Tuesday, we bring you a curated selection of the finest advice, distilled from the resources and tools in the Community. Whether you’re a seasoned member or just getting started, Tuesday Tips are the perfect compass guiding you across the dynamic landscape of the Power Platform Community.   As our community family expands each week, we revisit our essential tools, tips, and tricks to ensure you’re well-versed in the community’s pulse. Keep an eye on the News & Announcements for your weekly Tuesday Tips—you never know what you may learn!   Today's Tip: How to Report Spam in Our Community We strive to maintain a professional and helpful community, and part of that effort involves keeping our platform free of spam. If you encounter a post that you believe is spam, please follow these steps to report it: Locate the Post: Find the post in question within the community.Kebab Menu: Click on the "Kebab" menu | 3 Dots, on the top right of the post.Report Inappropriate Content: Select "Report Inappropriate Content" from the menu.Submit Report: Fill out any necessary details on the form and submit your report.   Our community team will review the report and take appropriate action to ensure our community remains a valuable resource for everyone.   Thank you for helping us keep the community clean and useful!

Top Kudoed Authors
Users online (4,319)