web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Problem with Refresh t...
Power Apps
Answered

Problem with Refresh the token - custom connector for Azure AD–protected Azure function apps

(0) ShareShare
ReportReport
Posted on by superfliege 91

Hello together.

 

I would like to implement the following scenario:
Power Apps[Tenant 1] -> Custom Connector [Tenant 1] -> App Registration [Tenant 2] -> Azure Function [Tenant 2]

The Azure Function is protected via an app registration with OAuth2.

My user from Azure Tenant 1 is also a member of the Tenant 2. But this should not be the problem here.

 

I have tried to follow the following instructions. This is exactly what I need. However, it did not work.

After some trial and error I did not set the "Azure Active Directory" provider in my Custom Connector as written in the instructions but "Generic OAuth" with the Endpoint URLs from my App Registration . Create a custom connector for Azure AD–protected Azure function apps | Microsoft Learn

 

superfliege_0-1695209037012.png

 

Here I have set the following settings:

 

superfliege_1-1695209313480.png

 

If I now save the setting, the Forumlar "transforms" itself as if by magic. The identity provider changed itself to "Azure Active Directory"

superfliege_2-1695209542649.png

If I now change the setting again, the RefreshURL is empty as if by magic.

superfliege_3-1695209611825.png

 

So my app works perfectly.

However, after 60 minutes the connection from the connector fails. Here I have to log in again, because the connection said "Cant Login" with my user. After login again and "repair the connection" everything runs fine. 
It seems that I can't set the RefreshURL properly.  All in all, the interface here in the OAuth2 setting seems extremely buggy.

 

Has anyone had a similar scenario and been able to find a solution here?
Does the Custom Connector work for you with AD Login Protected Azure Function Apps?

 

Thanks a lot for your help ❤️

 

 

 

 

 

Categories:
Connector development
I have the same question (0)
  • arun39881 Profile Picture
    arun39881 4 on at

    Have you found a solution for this?
    We re facing similar issue where the custom connector token expires after 60 min

  • superfliege Profile Picture
    superfliege 91 on at

    No, unfortunately not.

    We suspect it may be due to the Oauth2 v2 API endpoint from the APP registration. There is an endpoint for v1 and v2 here, but I haven't gotten around to it yet, but will take up this topic again in the next few weeks. Maybe the refresh works via the v1 endpoint, but that's just a guess.

    I will keep you up to date here, if you find a solution I will also be happy to hear from you.

     

     

  • Jose Ramon Profile Picture
    Jose Ramon 107 on at

    Have you tried leaving Identity Provider as Azure Active Directory instead of Oauth2?

     

    Fill in Client ID and Client Secret, the URL of Authorization leave the one you get (in my case https://login.microsoftonline.com), in tenant id you can put your tenant, I have left it in common and in Resource URL I have put the API I am calling, in my case, https://service.flow.microsoft.com/ (this URL is seen when you select the API in Azure to which you are giving permissions when you are giving permissions in the Azure Application), when you save the Application, Resource URL automatically is filled, in my case: https://global.consent.azure-apim.net/redirect this URL you must to put in the Azure Application in Redirect URL

     

    I still don't know what the Enable service principal support option is for (this must have been added recently).

  • Verified answer
    superfliege Profile Picture
    superfliege 91 on at

    @arun39881 

    How do you do?
    Great news for the weekend: It's working for me now.
    I used the Azure Active Directory connection again. However, you don't have to enter the URL of the Azure function for Resource URL. If I enter the URL of the Azure Function (as described in the MS documentation) I always get "Resource could not be found". That's why I personally switched to Oauth2 generic. But here the 60-minute timeout error occurred.

     

    However, if you now simply enter the ClientID of your app registration in the Resource URL, the connector works via Azure Active Directory. Check out the screenshot from the microsoft documentation, but instead of using the azure function url, put the app registration id in it. 

    I hope i could help you!

     

    oauth-settings.png

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the April Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
Vish WR Profile Picture

Vish WR 1,045

#2
Valantis Profile Picture

Valantis 675

#3
11manish Profile Picture

11manish 592

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans