Skip to main content

Notifications

Announcements

🌸 Community Spring Festival 2025 Challenge & Updates🌸
Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id : q6SbXZbJoR9hXokVC4HOiA
Power Platform Community / Blogs / Power Automate Community Blog / One Minute Fixes - Updating...

One Minute Fixes - Updating SPN Secrets

wyattdave Profile Picture wyattdave 406 Super User 2025 Season 1
10 Apr 2025

We all know that when using proper ALM in Power Automate SPN's are the way to go. Sadly not all connections use them, and the ones that do have challenges.


One of my most recent challenges was updating a secret for a Dataverse connection in a prod environment.

Unfortunately you can't simply update the connections secret, you have to create a new connection. Additionally you cant create the connection in the connections section in the studio, you can only set a spn when you create a connection inside the flow builder.



Above shows no spn option when creating connection inside connection section


So you have to:

  • Create new flow
  • Create new connection
  • Update connection reference with new connection

Luckily there is a better way. I found a api that can update the secret in the actual connection.


https://api.powerapps.com/providers/Microsoft.PowerApps/apis/{environmentId}/connections/{connectionId}?api-version=2016-11-01&createConnectionReference=true&solutionId=~preferred&$filter=environment eq'{environmentId}'

{
  "properties": {
    "connectionParameters": {
      "token:clientId": "{clientId}",
      "token:clientSecret": "{secret}",
      "token:TenantId": "{tenantId}",
      "token:grantType": "client_credentials"
    },
    "displayName": "{connectionDisplayName}",
    "environment": {
      "name": "{environmentId}"
    }
  }
}

To update the connection I use a flow using the HTTP with 'Microsoft Entra ID (preauthorized)' connector and the following setup:

http connection

Now all we do is use the 'Get Connections as Admin' of the api to get all the connections, filter by the spn (I use the spns name in the connection Display name, so I can filter them easier). And then update the secret:

https://api.powerapps.com/providers/Microsoft.PowerApps/connections?api-version=2016-11-01&$filter=ApiId not in ('shared_logicflows','shared_powerflows','shared_pqogenericconnector') and environment eq '{environmentId}'


full flow

The demo flow is manual and has environment, connection Type (e.g Dataverse = shared_commondataserviceforapps), environment, and new secret, but can easily be setup as part of a app or automated from secure Dataverse table.


Call out here, the connection editing the secret must have access to the connection, so it must be shared with or the owner of the connection is used.

A copy of the solution can also be found in GitHub https://github.com/wyattdave/Power-Platform/tree/main/Power%20Automate%20Artifacts




One Minute Fixes - Clear an Excel Table


l also do long form and broader Power Platform blogs here https://dev.to/wyattdave
UpdateSPNSecret_1...

Comments