Share
ReportI am working on a poweapps portal, I want to connect my portal with an external API hosted in Azure.
Is it possible and how to accomplish it?
You’re offline. This is a read only version of the page.
Announcements
I am working on a poweapps portal, I want to connect my portal with an external API hosted in Azure.
Is it possible and how to accomplish it?
For any future visitors, this thread has split to https://powerusers.microsoft.com/t5/Power-Apps-Portals/Audience-validation-failed-for-OAuth-2-0-implicit-grant-flow/m-p/702085#M4027
Hi @Anonymous,
This implementation does mostly use JavaScript - from the Portal end. Note that the biggest issue with JavaScript API in the Portal is that you're making everything, including authentication, accessible to a tech-savvy user. For example, if you just pass a username & pass or static credentials to an API from JavaScript, I can easily press F12 and see what you did. Then I can manipulate the data, or throw it into a whole bunch of virtual machines and try to throw thousands of requests at your API, all to try to break the API.
The advantage of the documentation shared is that it relies on generating a coded API request only when the Portal has been setup to make a request to that particular API. But that's only half the problem - now the API needs to decode it. This is where the C# comes in - you need to be able to retrieve the decoding pattern from the Portal, apply it to the coded message, and if everything decodes without breaking then you can guarantee the request came from the trusted source.
Hi Justin,
Thanks a lot for your reply. The documentation you provided I already have seen and they have sample for c# code. Since I am new in portal so not sure how to implement c# code in portal. Do you suggest some Javascript sample? And do you know about adal js library and will it work?
Your explanation is still quite confusing to me.
Hi @Anonymous,
Yes, but it requires quite a bit of work. Use Microsoft's documentation to get started (https://docs.microsoft.com/en-us/powerapps/maker/portals/oauth-implicit-grant-flow), but ultimately what you'll want to do is create a process in the Azure API (or use a middle layer) to validate the request is coming from the Portal and, therefore, to authenticate the bearer token. This uses the Portal's public key to identify that the request was created from the private key, so doesn't actually need access to the authentication service.
#1
Lucas001
60
Super User 2025 Season 1
#2
Fubar
55
Super User 2025 Season 1
#3
surya narayanan
35
All responses (
Answers (
