web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro - Series II
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Error creating any sor...
Power Automate
Answered

Error creating any sort of Service Principal-connection in Custom Connector

(3) ShareShare
ReportReport
Posted on by CU01081209-2 51
Hey all,

I recently posted a similar question, but I'm posting a new question because I noticed that the issue that I'm encountering happens in the most basic type of scenarios, that seem to work for other people:

I'm encountering this error:

 Input parameters are invalid. See details for more information. Details:errorCode: ParameterNotDefined. Message: Parameter 'token:clientId' is not allowed on the connection since it was not defined as a connection parameter when the API was registered. The correlation-id is ...
while trying to make a custom connector with a Service principal connection.

I'm taking the exact same authentication steps as in the following video's:
"https://www.youtube.com/watch?v=6v3pP4Z-iL4"
"https://www.youtube.com/watch?v=rSHHaHEGDxU"

That is, in the tab 'general', i'm choosing:
- scheme = HTTPS
- host = graph.microsoft.com
- base-url = /v1.0/

Security:
- Oauth 2.0
- Id-provider: Azure Active Directory:
- Enable Service-Principal support (yes)
- Client secret: my secret
- Client id: my app registration id
- Tenant ID: common
- Resource uri: graph.microsoft.com
- Enable on-behalf-of login: false
- Scope: empty

I don't define any actions yet. But I have managed to create actions, and get them to work with User OAuth. So that's not the problem.

So, the swagger file that is created is this:
 
swagger: '2.0'
info:
  title: Test Connector
  description: testdescription testdescription testdescription 
  version: '1.0'
host: graph.microsoft.com
basePath: /v1.0/
schemes:
  - https
consumes: []
produces: []
paths: {}
definitions: {}
parameters: {}
responses: {}
securityDefinitions:
  oauth2-auth:
    type: oauth2
    flow: accessCode
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {}
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
  oAuthClientCredentials:
    type: oauth2
    flow: application
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {}
  certOauth:
    type: oauth2
    flow: application
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {} (or, what also doesn't work is using User.Read or the relevant required API.permissions)
security:
  - oauth2-auth: []
  - oAuthClientCredentials: []
  - certOauth: []
tags: []

Is anyone else able to create a service principal connection like this? I'm worried my issue is not replicable. Any help would be greatly appreciated.
 
Categories:
Connector development
I have the same question (0)
  • stampcoin Profile Picture
    stampcoin 5,166 Super User 2026 Season 1 on at
    Try to use 'Enable on-behalf-of login'=false.
    and specify value for Scope , for example User.Read.All ( choose the one how you defined the API permissions.
    update the connector and test it.
  • CU01081209-2 Profile Picture
    CU01081209-2 51 on at
    @stampcoin Thanks for your reply. Unfortunately making these adjustments did not solve the issue.

    Notably, a connection to our API can be established using a standard HTTP request. This works both from Postman—by configuring a token using the same settings (grant type: client credentials, access token URL: https://login.microsoftonline.com/my-tenant-id/oauth2/v2.0/token client ID, client secret, scope: https://login.microsoftonline.com/my-tenant-id/oauth2/v2.0/token)—and from the Power Automate environment (i.e., using a standard HTTP request instead of setting up a custom connector based on polling).

    So, it is possible to communicate with the API through these alternative methods.

    It is maybe also noteworthy that a user-based connection can be successfully established when creating a custom connector, and that this connection allows for successful requests to the Business Central API.

    Does that give any clues? Would using this swagger code work for you, or does it give the same error?

  • stampcoin Profile Picture
    stampcoin 5,166 Super User 2026 Season 1 on at
     I didn’t try your code, I only compared it with mine. Except the ones I mentioned, other parts are the same.
     I prepared everything first (app registration, client id…), then created the connectors without adding any extra actions. No errors.
    have you tried to re-build it?
  • CU01081209-2 Profile Picture
    CU01081209-2 51 on at
    @stampcoin Thanks for your reply. I did just now try to rebuild it, also without adding actions, and with the adjustments you suggested. Unfortunately, without success, and with the same error appearing. I have no clue what the cause of the error could be.
  • stampcoin Profile Picture
    stampcoin 5,166 Super User 2026 Season 1 on at
    That's strange, could you please check this article ?
     
    I also tried your code, it works for me....
    swagger: '2.0'
info:
  title: Test Connector
  description: testdescription
  version: '1.0'
host: graph.microsoft.com
basePath: /v1.0/
schemes:
  - https
consumes: []
produces: []
paths: {}
definitions: {}
parameters: {}
responses: {}
securityDefinitions:
  oauth2-auth:
    type: oauth2
    flow: accessCode
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {}
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
  oAuthClientCredentials:
    type: oauth2
    flow: application
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {}
  certOauth:
    type: oauth2
    flow: application
    tokenUrl: https://login.windows.net/common/oauth2/authorize
    scopes: {}
security:
  - oauth2-auth: []
  - oAuthClientCredentials: []
  - certOauth: []
tags: []
     
  • CU01081209-2 Profile Picture
    CU01081209-2 51 on at
    @stampcoin Again, thanks for your reply. That's what I was worried about. I have followed the instructions of the link you sent me, and so far I've tried 3 app registrations and many custom connectors. The issue still persists. It's definitely strange, like you said.

    Is there any other course of action I could try to fix this?
  • stampcoin Profile Picture
    stampcoin 5,166 Super User 2026 Season 1 on at
    thanks for the feedback.
    Do you have anything special settings when you register the app ? (forget about BC for now)
    What environment do you use ? and your license type ?
    have you tried another environment ?
    which step did you get the error ?
  • DaniBash Profile Picture
    DaniBash 29 on at

    I'm replying to this post as well, as I'm experiencing the same issue with service principal authentication.

    I've been having this issue for two weeks and still haven't found a solution. There are a few other posts about this. The workaround suggested in other search results, which consists of creating the connection from Power Automate, doesn't work for me.

  • CU01081209-2 Profile Picture
    CU01081209-2 51 on at
    @stampcoin I'm getting the error in the testing step. In the guide you linked this is step 'Test the connector' > 8. Select the create connection button (after filling in Client ID, Client Secret and Tenant. 
     
    I was using a Developer environment. I have now tried to create a custom connector in the managed production environment, but this also results in the same error.
     
    I'm pretty sure I don't have any special settings when registering the app. I try to keep everything to a minimum, and also according to the guide that you sent. I add an API-permission, I let the API-permission be approved, and I create a client secret.
     
    I'm working with a "Microsoft Power Apps for Developer" license.
     
    @DaniBash Interesting, it's the first time i'm reading about somebody else having this issue. If you find any other discussions on this that might be helpful, please let me know :)
  • CU01081209-2 Profile Picture
    CU01081209-2 51 on at
    If anyone has any suggestions / solutions for this, I would be happy to hear :) Still haven't been able to find the solution yet myself.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro - Series II

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Kudos to our 2025 Community Spotlight Honorees

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Valantis Profile Picture

Valantis 462

#2
Vish WR Profile Picture

Vish WR 256

#3
David_MA Profile Picture

David_MA 242 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Known issue with browser automation in Power Automate for Desktop on Google Chrome 146 and 147
Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans