So I have done some research (both within the community as well as on Google), and I am a bit lost as to what the viable options are for calling external APIs from a portal.
My requirement (apart from basic GETs) is to have something like a form with input fields that sends a request when the form is submitted, based on the logged-in user.
I have tried several things, each with their own limitations:
- Custom connector
  - Works well for GET requests, but stores the data in Dataverse, which is not ideal, and is not suitable for POST/PUT
- Power Automate (trigger a flow from the portal with an HTTP request)
  - Works, but triggering the flow with client-side JS/jQuery allows the user to reverse engineer the API call
- Custom JS/jQuery/Ajax
  - Same issue as above. Client-side API calls are basically a no-go
- Custom PCF
  - My test for this worked, but it was very limited (I could add the PCF control to a basic form, but that requires me to relate the form to a Dataverse entity). I also tried an alternative by embedding the PCF canvas app with an iframe in the portal. This works, but I don't want to be dependent on iframes.
One of the few options left (that I currently see) is to create a Power Pages form, tied to a Dataverse entity, and then create a Power Automate flow that triggers on a new Dataverse record and posts the data to an external API.
I also haven't tried the implicit grant flow yet (https://learn.microsoft.com/en-us/power-apps/maker/portals/oauth-implicit-grant-flow), which seems suitable for authenticating a portal user; however, implicit grant flows are far from best practice when it comes to OAuth 2.0 based APIs.
Basically, my question is as follows: have I exhausted all options and can I conclude that there's no standardised way to securely call external APIs from a Power Page, or have I overlooked something?