Skip to main content

Set Up Azure API Application with User's Credentials

This guide will walk you through the setup of Microsoft Azure API app with the user's credentials.

Dataverse requires an additional step of creating a user in Power Platform.

Register App

  1. Go to  Microsoft Azure.

  2. Sign in with your Microsoft Azure account.

  3. On the Home screen use Search, or go to the upper left corner menu to open the Microsoft Entra ID service.

  4. Select Manage and open App registrations in the left menu.

  5. Select + New registration.

  6. Enter the Name of the app.

  7. Choose desired account type – both Single tenant and Multitenant are allowed.

  8. In the optional Redirect URI part, select Web-page application (WPA) and enter the http://localhost/ URL.

    For older connector versions, refer to the table at the bottom of the page.

  9. Select Register.

    The Application (client) ID is your Client ID.

    The Directory (tenant) ID is your Tenant ID.

  10. Go to Certificates & secrets and add New client secret. Copy the Value as it won't be accessible again once you leave the page – this is your Client Secret.

Grant Permissions to App

Go to API permissions to add these Delegated permissions.

ADLS

Azure Storage

  1. offline_access

Microsoft Graph

  1. user_impersonation

Dataverse

Microsoft Graph

  1. email

  2. offline_access

  3. openid

  4. profile

  5. User.Read

Dynamics CRM

  1. User_impersonation

Outlook 365

Microsoft Graph

  1. email

  2. openid

  3. offline_access

  4. profile

  5. User.Read

  6. User.ReadBasic.All

  7. User.ReadWrite

  8. Mail.Read

  9. Mail.ReadWrite

  10. Mail.ReadWrite.Shared

  11. Calendars.ReadWrite

  12. Calendars.ReadWrite.Shared

OneDrive

Microsoft Graph

  1. email

  2. offline_access

  3. openid

  4. profile

  5. Files.ReadWrite.All

  6. User.Read

Power Automate

Flow Service

  1. User

  2. Activity.Read.All

  3. Approvals.Manage.All

  4. Approvals.Read.All

  5. Flows.Manage.All

  6. Flows.Read.All

  7. Flows.Read.Plans

  8. Flows.Write.Plans

Power BI Output

Microsoft Graph

  1. Offline_access

  2. Openid

  3. User.Read

  4. email

  5. profile

Power BI Service

  1. Dataset.ReadWrite.All

  2. Workspace.Read.All

SharePoint

To maintian full functionality, add all of these permissions.

For SharePoint Files:

Microsoft Graph

  1. email

  2. offline_access

  3. openid

  4. profile

  5. User.Read

  6. Files.Read.All - for SharePoint Input.

    OR

    Filed.ReadWrite.All - for SharePoint Output.

    Add both permissions for SharePoint Input and Output.

  7. Sites.Read.All

For SharePoint Lists:

SharePoint

  1. AllSites.Manage

  2. AllSites.Read

  3. AllSites.Write

Sign In to Your App

Now you can use this app in the connector. To authenticate login, you will need to enter your Client ID, Client Secret ID and Tenant ID in Designer and sign in to your account in the web browser.

For more information, visit Microsoft portal.

Create User in Power Platform

Create a user for your Dataverse app in Power Platform and add a security role:

  1. Go to Power Platform admin center.

  2. Select an environment.

  3. Select Settings. In Users + permissions, select Application users.

  4. Select New app user.

  5. Select Add an app and select your app.

  6. Select a Business unit.

  7. In Security roles, select an applicable role.

  8. Select Create.

Select these options and enter these URLs for older connector versions when you set up a custom API application.

Connector and version

Dropdown option

URLs

OneDrive version 2.0.2 and earlier

Single-page application (SPA)

https://cef.alteryx.com/designer/oauthcallback

https://login.live.com/oauth20_desktop.srf

Outlook 365 version 1.0.0

Power BI Output version 3.1.0 and earlier

SharePoint Files version 1.1.1 and earlier