web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Authorization Code Gra...
Power Automate
Unanswered

Authorization Code Grant RFC 6749

(0) ShareShare
ReportReport
Posted on by digitalfuel 24

I am trying to get flow Oauth2 generic to connect to an API which uses Authorization Code Grant RFC 6749. 

 

The authorization works fine and the initial connection is made. But the token pass off does not work.

 

Can a custom connection from flow work with Authorization Code Grant. This spec says "The client makes a request to the token endpoint by sending the following parameters using the "application/x-www-form-urlencoded" format per Appendix B with a character encoding of UTF-8 in the HTTP request entity-body: "

 

This is so close to working, I have tried everything I can think of to make this work. Can it be done? If so what am I not doing correctly. 

 

{
 "swagger": "2.0",
 "info": {
 "description": "........... 
 "version": "0.1",
 "title": "flow"
 },
 "host": "######################.com",
 "basePath": "/webresources/api/v3/sites/current",
 "schemes": [
 "https"
 ],
 "consumes": [
 "application/x-www-form-urlencoded"
 ],
 "produces": [
 "application/json"
 ],
 "paths": {
 "/faqs": {
 "post": {
 "tags": [
 "FAQs"
 ],
 "summary": "FAQs Create",
 "description": "Using this method you can add an FAQ item to your site.\n",
 "operationId": "AddFAQ",
 "parameters": [
 {
 "name": "id",
 "in": "query",
 "description": "id identifier number",
 "required": true,
 "type": "integer"
 },
 {.....

 "securityDefinitions": {
 "oauth2": {
 "type": "oauth2",
 "authorizationUrl": "https://........com/api/oauth/authorize%3fversion%3D0.1",
 "tokenUrl": "https://.........com/api/oauth/token",
 "flow": "accessCode",
 "scopes": {}
 }
 },
 "security": [
 {
 "oauth2": []
 }
 ],
 "tags": []
}

Json above is shorted to keep it brief.

 

Sorry this is in the wrong thread Board but now I cannot change it.

 

Any help would be great.

Categories:
Using flows
I have the same question (0)
  • v-xida-msft Profile Picture
    v-xida-msft on at

    Hi @digitalfuel,

     

    Could you please share a bit more about error message if the error message exists?

    Do you not use the access token to access the resource?

     

    If your request to resource doesn’t include authentication credentials or is missing the token, the resource would not be obtained. More details about using the access token to access the resource, please check the following article:

    https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-code#use-the-access-token-to-access-the-resource

     

    Please check if you have passed proper token value to access the resource. In addition, please check and see if the following article would help in your scenario:

    https://docs.microsoft.com/en-us/bingads/guides/authentication-oauth

     

    More details about error codes for token endpoint errors, please check the following article:

    Use the authorization code to request an access token

     

     

    Best regards,

    Kris

  • digitalfuel Profile Picture
    digitalfuel 24 on at

    Hi Kris

     

     

    Flows Custom connection settings below

     

    Flow Security.pngFlow Connection and Test 401.png

     

    Because Flow demands a refresh URL I have put the token URL in both. But from what I can tell Authorization Code Grant does not use one.

     

     

    So the Authorize connection works. But when an end point is used or tested I get a 401. Which makes sense because when tested in Postman to authorize and get token I get a 500 error on the token POST. "An internal error has occurred at the service. Retry the request." And I have tried and tried. 

     

    This is what I get in postman 

    POST https://digitalfuel.worldsecuresystems.com/api/oauth/token
    Request Headers:
content-type:"application/x-www-form-urlencoded"
user-agent:"PostmanRuntime/7.1.1"
accept:"*/*"
host:"digitalfuel.worldsecuresystems.com"
accept-encoding:"gzip, deflate"
content-length:945
Request Body:
grant_type:"authorization_code"
code:"Bearer+_bc_......."
redirect_uri:"https://australia-001.consent.azure-apim.net/redirect"
client_id:"digiFuel-flows"
client_secret:"SECRET"
Response Headers:
server:"openresty"
date:"Wed, 20 Dec 2017 19:47:29 GMT"
content-type:"text/html"
content-length:"241"
connection:"keep-alive"
cache-control:"private"
set-cookie:"ASP.NET_SessionId=.....; path=/; HttpOnly"
access-control-allow-origin:"*"
access-control-allow-headers:"Authorization, Accept-Language, Content-Type"
access-control-allow-methods:"GET, HEAD, POST, PUT, DELETE"
access-control-expose-headers:"Location"
access-control-max-age:"99999"
x-frame-options:"allowall"
x-xss-protection:"1; mode=block"
Response Body:
<oauthException xmlns="http://ns.adobe.com/bc/api/oauth" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><error>unknown</error><error_description>Unexpected exception occured.</error_description><error_uri i:nil="true"/></oauthException>

    I cannot be sure the error is related to postman or if it the same as flow (although seems likely it is) this is why I need data like this from the custom connector itself.  

     

    Both Adobe and myself have tested the API in other ways and it is working. What BC wants from the Authorize and token requests looks in line with what you have provided and can be seen here. https://github.com/adobebc/web-apps-sdk/blob/master/samples/bc-external-service/public/js/oauth.js  it is pretty simple and looks like what you referenced to here regarding bing ads for Authorization Code Grant https://docs.microsoft.com/en-us/bingads/guides/authentication-oauth 

     

    In flow I cannot seem to see the token request. Can I see this anywhere? Can you?    This would help confirm, check and test.

     

    Any help would be great.

     

  • digitalfuel Profile Picture
    digitalfuel 24 on at

    Hi Kris,

     

    I think I may have found the issue, The redirect URI may not be the same between the authorization code step and the access code step. 

     

    Adobe mentioned something about this in testing but intially I did not get it. But there may just be due to url over encoding issue.

     

    The url for the Authorize step is As follows. 

    Green To highlight the Redirect

    Orange encoded Once

    Blue encoded twice

    Red encoded Thrise

     

    https://domain.com/Admin/GenericLogin.aspx?URL=%2fPartner%2fOAuth%2fAuthorize.aspx%3fclient_id%3dCID%26response_type%3dcode%26redirect_uri%3dhttps%253a%252f%252faustralia-001.consent.azure-apim.net%252fredirect%26scope%3d%26state%STATE%26from%3dhttps%253a%252f%252fHOST%252fapi%252foauth%252fauthorize%253fclient_id%253dCID%2526response_type%253dcode%2526redirect_uri%253dhttps%25253a%25252f%25252faustralia-001.consent.azure-apim.net%25252fredirect%2526scope%253d%2526state%253dSTATE

     

    Now as per the Spec adobe wants the Redirect to be the same But the encoding may be causing the issue.

     

    I need to find out where it is being encoded multiple times in the authorize. So need to see the output from flow.

    And also need to see the request for the token to see if it is different from the Authorize redirect URI.

    If not then it is happening at adobes end. Or am I doing something wrong? 

     

    Any help would be great. 

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 523 Super User 2025 Season 2

#2
Tomac Profile Picture

Tomac 406 Moderator

#3
abm abm Profile Picture

abm abm 245 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans