Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Check out the New Agent Creator Community
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps - Connector Development / Problem with Refresh t...
Power Apps - Connector Development
Answered

Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

(0) ShareShare
ReportReport
Posted on by superfliege 91

Hello together.

 

I would like to implement the following scenario:
Power Apps[Tenant 1] -> Custom Connector [Tenant 1] -> App Registration [Tenant 2] -> Azure Function [Tenant 2]

The Azure Function is protected via an app registration with OAuth2.

My user from Azure Tenant 1 is also a member of the Tenant 2. But this should not be the problem here.

 

I have tried to follow the following instructions. This is exactly what I need. However, it did not work.

After some trial and error I did not set the "Azure Active Directory" provider in my Custom Connector as written in the instructions but "Generic OAuth" with the Endpoint URLs from my App Registration . Create a custom connector for Azure AD–protected Azure function apps | Microsoft Learn

 

superfliege_0-1695209037012.png

 

Here I have set the following settings:

 

superfliege_1-1695209313480.png

 

If I now save the setting, the Forumlar "transforms" itself as if by magic. The identity provider changed itself to "Azure Active Directory"

superfliege_2-1695209542649.png

If I now change the setting again, the RefreshURL is empty as if by magic.

superfliege_3-1695209611825.png

 

So my app works perfectly.

However, after 60 minutes the connection from the connector fails. Here I have to log in again, because the connection said "Cant Login" with my user. After login again and "repair the connection" everything runs fine. 
It seems that I can't set the RefreshURL properly.  All in all, the interface here in the OAuth2 setting seems extremely buggy.

 

Has anyone had a similar scenario and been able to find a solution here?
Does the Custom Connector work for you with AD Login Protected Azure Function Apps?

 

Thanks a lot for your help ❤️

 

 

 

 

 

Categories:
Authentication
  • Verified answer
    superfliege Profile Picture
    superfliege 91 on at
    Re: Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

    @arun39881 

    How do you do?
    Great news for the weekend: It's working for me now.
    I used the Azure Active Directory connection again. However, you don't have to enter the URL of the Azure function for Resource URL. If I enter the URL of the Azure Function (as described in the MS documentation) I always get "Resource could not be found". That's why I personally switched to Oauth2 generic. But here the 60-minute timeout error occurred.

     

    However, if you now simply enter the ClientID of your app registration in the Resource URL, the connector works via Azure Active Directory. Check out the screenshot from the microsoft documentation, but instead of using the azure function url, put the app registration id in it. 

    I hope i could help you!

     

    oauth-settings.png

  • Jose Ramon Profile Picture
    Jose Ramon 97 on at
    Re: Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

    Have you tried leaving Identity Provider as Azure Active Directory instead of Oauth2?

     

    Fill in Client ID and Client Secret, the URL of Authorization leave the one you get (in my case https://login.microsoftonline.com), in tenant id you can put your tenant, I have left it in common and in Resource URL I have put the API I am calling, in my case, https://service.flow.microsoft.com/ (this URL is seen when you select the API in Azure to which you are giving permissions when you are giving permissions in the Azure Application), when you save the Application, Resource URL automatically is filled, in my case: https://global.consent.azure-apim.net/redirect this URL you must to put in the Azure Application in Redirect URL

     

    I still don't know what the Enable service principal support option is for (this must have been added recently).

  • superfliege Profile Picture
    superfliege 91 on at
    Re: Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

    No, unfortunately not.

    We suspect it may be due to the Oauth2 v2 API endpoint from the APP registration. There is an endpoint for v1 and v2 here, but I haven't gotten around to it yet, but will take up this topic again in the next few weeks. Maybe the refresh works via the v1 endpoint, but that's just a guess.

    I will keep you up to date here, if you find a solution I will also be happy to hear from you.

     

     

  • arun39881 Profile Picture
    arun39881 4 on at
    Re: Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

    Have you found a solution for this?
    We re facing similar issue where the custom connector token expires after 60 min

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Check out the New Agent Creator Community

Quick Links

Michael Gernaey – Community Spotlight

We are honored to recognize Michael Gernaey as our June 2025 Community…

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard >

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans