Set Up Azure API Application with User's Credentials
This guide will walk you through the setup of Microsoft Azure API app with the user's credentials.
Dataverse requires an additional step of creating a user in Power Platform.
Register App
Go to Microsoft Azure.
Sign in with your Microsoft Azure account.
On the Home screen use Search, or go to the upper left corner menu to open the Microsoft Entra ID service.
Select Manage and open App registrations in the left menu.
Select + New registration.
Enter the Name of the app.
Choose desired account type – both Single tenant and Multitenant are allowed.
In the optional Redirect URI part, select Web-page application (WPA) and enter the http://localhost/ URL.
For older connector versions, refer to the table at the bottom of the page.
Select Register.
The Application (client) ID is your Client ID.
The Directory (tenant) ID is your Tenant ID.
Go to Certificates & secrets and add New client secret. Copy the Value as it won't be accessible again once you leave the page – this is your Client Secret.
Grant Permissions to App
Go to API permissions to add these Delegated permissions.
ADLS
Azure Storage
offline_access
Microsoft Graph
user_impersonation
Dataverse
Microsoft Graph
email
offline_access
openid
profile
User.Read
Dynamics CRM
User_impersonation
Outlook 365
Microsoft Graph
email
openid
offline_access
profile
User.Read
User.ReadBasic.All
User.ReadWrite
Mail.Read
Mail.ReadWrite
Mail.ReadWrite.Shared
Calendars.ReadWrite
Calendars.ReadWrite.Shared
OneDrive
Microsoft Graph
email
offline_access
openid
profile
Files.ReadWrite.All
User.Read
Power Automate
Flow Service
User
Activity.Read.All
Approvals.Manage.All
Approvals.Read.All
Flows.Manage.All
Flows.Read.All
Flows.Read.Plans
Flows.Write.Plans
Power BI Output
Microsoft Graph
Offline_access
Openid
User.Read
email
profile
Power BI Service
Dataset.ReadWrite.All
Workspace.Read.All
SharePoint
To maintian full functionality, add all of these permissions.
For SharePoint Files:
Microsoft Graph
email
offline_access
openid
profile
User.Read
Files.Read.All - for SharePoint Input.
OR
Filed.ReadWrite.All - for SharePoint Output.
Add both permissions for SharePoint Input and Output.
Sites.Read.All
For SharePoint Lists:
SharePoint
AllSites.Manage
AllSites.Read
AllSites.Write
Sign In to Your App
Now you can use this app in the connector. To authenticate login, you will need to enter your Client ID, Client Secret ID and Tenant ID in Designer and sign in to your account in the web browser.
For more information, visit Microsoft portal.
Create User in Power Platform
Create a user for your Dataverse app in Power Platform and add a security role:
Go to Power Platform admin center.
Select an environment.
Select Settings. In Users + permissions, select Application users.
Select New app user.
Select Add an app and select your app.
Select a Business unit.
In Security roles, select an applicable role.
Select Create.
Select these options and enter these URLs for older connector versions when you set up a custom API application.
Connector and version | Dropdown option | URLs |
---|---|---|
OneDrive version 2.0.2 and earlier | Single-page application (SPA) | |
Outlook 365 version 1.0.0 | ||
Power BI Output version 3.1.0 and earlier | ||
SharePoint Files version 1.1.1 and earlier |