Skip to main content

Set Up Azure API Application with Service Principal

This guide will walk you through the setup of Microsoft Azure API app with service principal.

Dataverse requires an additional step of creating a user in Power Platform.

Register App

  1. Go to  Microsoft Azure.

  2. Sign in with your Microsoft Azure account.

  3. On the Home screen use Search, or go to the upper left corner menu to open the Microsoft Entra ID service.

  4. Select Manage and open App registrations in the left menu.

  5. Select + New registration.

  6. Enter the Name of the app.

  7. Choose desired account type – both Single tenant and Multitenant are allowed.

  8. In the optional Redirect URI part, select Web-page application (WPA) and enter the http://localhost/ URL.

    For older connector versions, refer to the table at the bottom of the page.

  9. Select Register.

    The Application (client) ID is your Client ID.

    The Directory (tenant) ID is your Tenant ID.

  10. Go to Certificates & secrets and add New client secret. Copy the Value as it won't be accessible again once you leave the page – this is your Client Secret.

Manage Service Principal

Note

These permissions are required only for Service Principal.

Go to API permissions to add these Application permissions.

Dataverse

Microsoft Graph

  1. Files.Read.All

  2. Files.ReadWrite.All

  3. Sites.Read.All

OneDrive

Microsoft Graph

  1. Files.Read.All

  2. Files.ReadWrite.All

  3. Sites.Read.All

Outlook 365

Microsoft Graph

  1. Calendars.ReadWrite

  2. Mail.ReadWrite

  3. User.Read.All

Power BI Output

See Power BI Service Principal.

SharePoint

Microsoft Graph

  1. Sites.Selected

    Visit the Alteryx Community for more details.

AND/OR

SharePoint

  1. Sites.Manage.All

  2. Sites.ReadWrite.All

  3. User.Read.All

Sign In to Your App

Now you can use this app in the connector. To authenticate login, you will need to enter your Client ID, Client Secret ID and Tenant ID in Designer and sign in to your account in the web browser.

For more information, visit Microsoft portal.

Power BI Service Principal

To use the custom API application...

  1. Create an Azure security group and add the Power BI app registration (service principal) to it.

  2. In the Power BI Admin Portal, go to Tenant Settings & Developer Settings. Turn on the option to Allow service principals to use Power BI APIs and add the security group under Apply to.

  3. Add the Power BI app registration to your workspace access as a member. For more details, see the Power BI documentation.

Create User in Power Platform

Create a user for your Dataverse app in Power Platform and add a security role:

  1. Go to Power Platform admin center.

  2. Select an environment.

  3. Select Settings. In Users + permissions, select Application users.

  4. Select New app user.

  5. Select Add an app and select your app.

  6. Select a Business unit.

  7. In Security roles, select an applicable role.

  8. Select Create.

Select these options and enter these URLs for older connector versions when you set up a custom API application.

Connector and version

Dropdown option

URLs

OneDrive version 2.0.2 and earlier

Single-page application (SPA)

https://cef.alteryx.com/designer/oauthcallback

https://login.live.com/oauth20_desktop.srf

Outlook 365 version 1.0.0

Power BI Output version 3.1.0 and earlier

SharePoint Files version 1.1.1 and earlier