web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id : T7PGRzUbB3i3t2azJMDrsb
Power Platform Community / Forums / Power Pages - Power Apps Portals / From the PowerApps por...
Power Pages - Power Apps Portals
Answered

From the PowerApps portal, how to securely talk to an external API hosted in Azure?

Like (0) ShareShare
ReportReport
Posted on 22 Sep 2020 09:44:44 by Community Power Pla...

I am working on a poweapps portal, I want to connect my portal with an external API hosted in Azure. 

 

Is it possible and how to accomplish it?

I have the same question (0)
  • justinburch Profile Picture
    justinburch Microsoft Employee on 22 Sep 2020 at 17:42:29
    Re: From the PowerApps portal, how to securely talk to an external API hosted in Azure?

    Hi @Anonymous,

    Yes, but it requires quite a bit of work. Use Microsoft's documentation to get started (https://docs.microsoft.com/en-us/powerapps/maker/portals/oauth-implicit-grant-flow), but ultimately what you'll want to do is create a process in the Azure API (or use a middle layer) to validate the request is coming from the Portal and, therefore, to authenticate the bearer token. This uses the Portal's public key to identify that the request was created from the private key, so doesn't actually need access to the authentication service.

  • Community Power Platform Member Profile Picture
    Community Power Pla... on 23 Sep 2020 at 01:18:43
    Re: From the PowerApps portal, how to securely talk to an external API hosted in Azure?

    Hi Justin,

    Thanks a lot for your reply. The documentation you provided I already have seen and they have sample for c# code. Since I am new in portal so not sure how to implement c# code in portal. Do you suggest some Javascript sample? And do you know about adal js library and will it work? 

     

    Your explanation is still quite confusing to me.

  • Verified answer
    justinburch Profile Picture
    justinburch Microsoft Employee on 23 Sep 2020 at 04:23:15
    Re: From the PowerApps portal, how to securely talk to an external API hosted in Azure?

    Hi @Anonymous,

    This implementation does mostly use JavaScript - from the Portal end. Note that the biggest issue with JavaScript API in the Portal is that you're making everything, including authentication, accessible to a tech-savvy user. For example, if you just pass a username & pass or static credentials to an API from JavaScript, I can easily press F12 and see what you did. Then I can manipulate the data, or throw it into a whole bunch of virtual machines and try to throw thousands of requests at your API, all to try to break the API.

    The advantage of the documentation shared is that it relies on generating a coded API request only when the Portal has been setup to make a request to that particular API. But that's only half the problem - now the API needs to decode it. This is where the C# comes in - you need to be able to retrieve the decoding pattern from the Portal, apply it to the coded message, and if everything decodes without breaking then you can guarantee the request came from the trusted source.

  • Community Power Platform Member Profile Picture
    Community Power Pla... on 28 Sep 2020 at 10:52:44
    Re: From the PowerApps portal, how to securely talk to an external API hosted in Azure?
    Hi Justin, I have implemented their sample code and getting this error: {"xxxxxx: Audience validation failed. Audiences: ''. Did not match: validationParameters.ValidAudience: 'xxxxxxxxxxxxxxxxxx' or validationParameters.ValidAudiences: 'null'."} not sure I have missed anything, I am getting token using token endpoint. Could you please help me why I am getting this error in my API?
  • justinburch Profile Picture
    justinburch Microsoft Employee on 28 Sep 2020 at 18:19:45
    Re: From the PowerApps portal, how to securely talk to an external API hosted in Azure?

    For any future visitors, this thread has split to https://powerusers.microsoft.com/t5/Power-Apps-Portals/Audience-validation-failed-for-OAuth-2-0-implicit-grant-flow/m-p/702085#M4027

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Tom Macfarlan – Community Spotlight

We are honored to recognize Tom Macfarlan as our Community Spotlight for October…

Congratulations to the September Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Pages

#1
Fubar Profile Picture

Fubar 85 Super User 2025 Season 2

#2
Jerry-IN Profile Picture

Jerry-IN 43

#3
dgray304 Profile Picture

dgray304 39

Last 30 days Overall leaderboard

Featured topics

Updates on Power Apps Portals - PLEASE READ

Product updates

Microsoft Power Platform Community release plans