Notifications
Announcements
Hello,
We are using Azure DevOps Power Platform Build Tools (1.0.13) extension.
We are currently trying to use the following step : "Power Platform Backup Environment" and we would like to know when the feature using the service principal name will be available?
We're using at the moment a service account and the MFA is not supported with this authentication type.
We have read this documentation : https://docs.microsoft.com/en-us/power-platform/alm/devops-build-tool-tasks#power-platform-backup-environment.
Do you have a narrower timeline for the availability of this feature ?
Many thanks in advance!
Struggeling with the same issue for Dynamics 365. Performing this task with a service principal is not possible at the moment.
We are having the same issue. Not possible (yet).
Would be nice to know if this will be supported in the near future.
I also am having trouble. I'm using version 1.0.23 and was under the impression that SPN auth *was* supported for Backups.
I'm getting an error in Azure DevOps about permissions and I assume the reason is that SPN auth is actually not supported.
Can anyone confirm?
Message=The service principal with id 'AzureAD ID Redacted' for application does not have permission to access the path 'https://api.bap.microsoft.com/providers/Microsoft.BusinessAppPlatform/environments/56a8d75e-20a9-48f2-8ae4-8c04d5e3215d/backups?api-version=2019-05-01' in tenant ***.; Internal=System.Net.HttpWebResponse}
I am running in the to same issue. I am using version 0.0.23.
I just broke down and created another generic service connection in AzureDevOps (Username/password). The unfortunate thing is that MFA can't be used with the U/P service connection and you end up having two for a single environment. Not optimal of course.
To close the loop on this one. It seems the latest update now allows you to use service principal auth and use the Power platform Backup Environment task to do backups in your own tenant. I have been able to remove all the Generic username/password Service connections from my DevOps instance.
@JeffCarma Did you actually test this successfully? The option to use a service principal has been around for a while but when actually executing the task so far I've always ran into an error. Would be wonderful if that finally works as expected.
Yes @sit-md , I converted all of my Backup steps last week to Service Principal authentication. Unless there's something going on I can't see, it seems to be working for me. I just ran a backup to show you it worked.
Is it still not working for you?
Here's a snip from the job step output during the execution.
Unfortunately I still get an error message (probably due to a lack of permissions):
I have set the application user as a System Administrator per the docs. Sorry it's not working for you.
https://docs.microsoft.com/en-us/power-platform/alm/devops-build-tools
Ensure that the added Application User has the system administrator role assigned (available from “Manage Roles” in the security settings for the application user).
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
WarrenBelz 739 Most Valuable Professional
Michael E. Gernaey 343 Super User 2025 Season 2
Power Platform 1919 268
