Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

0 votes
860 views
in Technique by (71.8m points)

oauth 2.0 - How to connect custom API using own OAuth2 in Microsoft Power Automate?

I've been trying to connect Microsoft Power Automate to my API. My API has an OAuth2 Code Flow. According to Power Automate, the connector can make a connection to my API and execute a test. But the problem is that Microsoft sends a Bearer token that was generated by them, and not the one that I gave to them via OAuth2, resulting in my API giving a 401 Error (Invalid Token) as expected.

In the Power Automate Custom Connector page, in the security tab I have the following:

Authentication type

OAuth2.0

OAuth2.0 Settings

  • Identity Provider: Generic OAuth2
  • Client ID: SomeValue
  • Client Secret: SomeValue
  • Authorization URL: mydomain.com/auth/authorize
  • Token URL: mydomain.com/auth/token
  • Refresh URL: mydomain.com/auth/token
  • Redirect URL: microsoft-flow.com/redirect (Not the real one)

When Microsoft makes a POST request to mydomain.com/auth/token, I return the following body:

{
  "access_token": "non JWT token", // similar to a hash
  "refresh_token": "non JWT token",
  "expires_in": 3600
}

The request above is the final request that Microsoft makes before accepting it as a valid connection. The token that Microsoft sends me is a JWT one, not the one I provided.

I've seen some guys using Azure AD authentication within the app, but I was trying to implement something similar to other platforms (e.g. GitHub, Spotify, etc.)

So my question is: is it possible to connect Power Automate to a custom API using OAuth2? If yes, how do I do it?

question from:https://stackoverflow.com/questions/65617607/how-to-connect-custom-api-using-own-oauth2-in-microsoft-power-automate


1 Reply

0 votes
by (71.8m points)

It's possible.

In addition to the OAuth2.0 Settings you listed, there is another important property, Scope, which you have missed.

Since your API is protected in Azure AD, I assume that you have created an Azure AD app for your API and exposed scopes.

After that, you can get the application ID URI (api://{clientId}) for your API.

You should put this value into the "Scope" in Power Automate.

Then this access token will be considered valid by your API.
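
A diagnostic helper for the situation described in the question, added here as an example and not part of the original post or answer: it classifies the bearer token the connector sends as one the API issued, an unknown opaque string, or a JWT, and for a JWT reports the unverified `iss` and `aud` claims so you can see which issuer minted it and for which audience. The function names, the `issued_tokens` lookup, and the sample issuer and token values are assumptions constructed for illustration.

```python
import base64
import json

def _b64url_json(segment):
    """Decode one base64url JWT segment into a dict; None if it is not a JSON object."""
    try:
        padded = segment + "=" * (-len(segment) % 4)  # JWTs strip the padding
        value = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:  # bad base64, bad UTF-8 and bad JSON all derive from ValueError
        return None
    return value if isinstance(value, dict) else None

def inspect_bearer(authorization, issued_tokens):
    """Classify the token in an Authorization header, for troubleshooting only.

    No signature is verified here, so the result must never be used to
    authorize a request; it only shows who claims to have issued the token.
    """
    scheme, _, token = authorization.partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        return {"kind": "not-bearer"}
    # Assumption: issued_tokens stands in for the API's own token store.
    if token in issued_tokens:
        return {"kind": "own-opaque"}
    parts = token.split(".")
    if len(parts) != 3:
        return {"kind": "unknown-opaque"}
    header, claims = _b64url_json(parts[0]), _b64url_json(parts[1])
    if header is None or claims is None:
        return {"kind": "unknown-opaque"}
    return {"kind": "foreign-jwt", "alg": header.get("alg"),
            "iss": claims.get("iss"), "aud": claims.get("aud")}

def _seg(obj):
    """Build one unpadded base64url segment for the constructed sample below."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample token: made-up issuer and audience, placeholder signature.
SAMPLE_JWT = ".".join([
    _seg({"alg": "RS256", "typ": "JWT"}),
    _seg({"iss": "https://issuer.example", "aud": "api://example-client-id"}),
    "constructed-signature",
])

if __name__ == "__main__":
    print(inspect_bearer("Bearer " + SAMPLE_JWT, {"opaque-abc"}))
```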

