cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Authorization Bearer in Header - Custom Connector

I have created a custom connector that is connecting to a vendor's API.  I have unauthenticated GET methods working, but now am working on some POSTs and am running into an issue with putting "Authorization: Bearer token_value" in the header.  Even on the unauthenticated GET calls, I can see in the request header that "Authorization: Bearer some_token_value" is already there.  I've tried setting the Header in my POST call, but then I get the error: "Message": "Error from ASE: Bad authorization header scheme".

 

I can see that the request header has my token_value and so it appears I'm not allowed to set the header that way.  What is the right way to send my "Authorization: Bearer token_value" to the API?

 

Thank you.

39 REPLIES 39
Anonymous
Not applicable

May I Know how to get that?

Hi Yoshi1

 

I can't thank you enough for taking the time to post this response. I applied your solution as described and it works like an absolute charm!!  I battled for months before I found you, but it is exactly what I needed.

 

May the world send good things your way.

Regards

Lael

Anonymous
Not applicable

Hello LaelLheeh, can u explain how you got that?

 

I think im facing the same problem.

 

I need a connector who makes login to get bearer token and then with this bearer token make the calls.

 

Thank you so much in advance!

Hi @Anonymous 

Go back to Pg 1 in the replies to this query and look for @Yoshi1 's response. He has screen shots and a description of how to do it.  It took me a while but after following his steps meticulously I got it to work. Give it a bash and come back if you still battle - then I can try and screenshare to assist.

Looks like this - quite easy to spot - but buried in all the replies - scroll until you see it.

LaelLeeH_0-1673886484279.png

Good luck. Was such a pleasure to get mine working!!

Anonymous
Not applicable

Hi @LaelLeeH 

 

Thank you for your answer.

 

I saw @Yoshi1 answer but i have some doubts about that.

 

My situation is this: I have a web app with their API. I would like to connect this API to Power BI so my users can download a report from my web app and edit the report with their own data. I tried to connect the API but Basic auth does not work for my API... I think thats because my Login method is a POST... I made a custom connector but creds are easy to see If u decompress the connector. My API needs to Login with Basic auth to get Bearer token and then make the calls to the API. This initial creds to generate the Bearer token are different for each user so... Maybe I have to create multiple custom connectors in Power Apps, one for each user? I've been trying for many months without success. Do You think this is possible in a good way?

 

This is the only thread where I think I can find some light.

 

Thanks for all and have a nice day!

Hi @Anonymous 

My situation is the same as yours I think.  My app connects to a 3rd party app through a custom connector. 3rd party app requires each user to have their own "Bearer-Token".  I have these "Bearer-Tokens" secured by my app and I pass them as a parameter to the Custom Connector.  It also took me months of searching before I found this thread, and finally got it right, so don't despair!!  I will try and elaborate below.

 

Firstly, inside your Custom Connector config, in "2.Security", set Authentication to "No Authentication Required" 

LaelLeeH_1-1674122777061.png

We will authenticate later by sending the "Bearer-Token" as a parameter to the connector.

 

To set this parameter up, you need to go to "3. Definition", and set up a "Policy" (look on the bottom right hand side, below Actions and References.

 

LaelLeeH_2-1674122917824.png

 

Select New Policy and then configure it as follows. I called mine "Bearer-Token" but you can call it whatever you like.

LaelLeeH_3-1674122990362.png

Then, if I recall correctly, you need to edit Swagger and add the following: (this step might not be needed if you update your connector after adding the policy, but just check this is in the Swagger anyway - add it if it is not in there because I know that this works)

 

So to get into Swagger you simply switch on the toggle in your Custom Connector header.  Once it has opened, search for you call (Action/Operation), and then add the following to the parameters section in the swagger.  

 

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

I added it between Content-Type and Body. I have no idea if this is relevant or not - but just in case, for context, it fits in to the greater scheme of things here:

parameters:

      - {name: Content-Type, in: header, required: false, type: string, default: application/json,

        description: Content-Type}

      - {name: Bearer-Token, in: header, required: false, type: string, default: Bearer

          Abcdefg ….,

        description: Bearer-Token}

      - name: body

        in: body

        schema:

          type: object

 

Note that Abcdefg ... is simply a placeholder for the Bearer-Token that you will use later. I actually used a valid one, but just can't share that here for obvious reasons. So replace  Abcdefg ... (after the word Bearer and a space) with one of your valid tokens). Again not sure if this is necessary, but it is what I did to get it working.

Then make sure to Update connector.

 

Now if you go back to 3. Definition, and select your Action, you will see you have a new Header (mine was called "Bearer-Token" (yours will be the same as your chosen policy name).

LaelLeeH_4-1674123397304.png

If that all looks good, then go to "5.Test" to test it.

Just an aside, if you haven't created a connection yet, you may have to do that first.

 You will see you get asked to enter the parameters. Mine asks for Content-Type and Bearer-Token.  Whatever you put in Bearer-Token seems to over-write what you put in the swagger.

LaelLeeH_5-1674124001819.png

If that works then you are done. You can now call your connector from anywhere and it will ask you for your "Bearer-Token" as a parameter, just as you do for "Content-Type"

 

Hope this gets you on the road. Shout of you have any further queries.

Regards

Lael

 

Anonymous
Not applicable

Can you add a screenshot of the Powerautomate custom connection, to help understand it better?

Hi there,

Thanks for the solution, but in my case, there is no Policy section available in the custom connector setup, do you have any idea? am I missing anything? I appreciate your insights here.

 

Thanks,

Aravindh

Hi @Aravindh . In my case I see it on the Definitions tab (tab 3) of the connector config.  Scroll down right to the bottom. It is the last section in the left hand pane. See screenshot below:

 

LaelLeeH_0-1682051599230.png

 

 

This solution is working for me, here I need hight light the point is step#6. we need type in with "Bearer " before the api key. If no this keyword, will face 401 error

Bruce_Wang_0-1682836895486.png

 

RunningSenior
Frequent Visitor

@Yoshi1 Did you get this to work even on "Get" Requests? Or only on "Post" Method?

Thanks so much for your reply, it really helped me solve my issue!

👍

Hi @Anonymous ,

I have the same problem like you. I have a an API from a service and I need to call it. In order to do this they have another url with basic auth in order to get a bearer token and then use it as authorization in my call. I am not a developer and doing this for my family business.. Do you mind if you can guide me how you did that step by step?

Anonymous
Not applicable

For some reason both headers are being sent (with different values?!), which causes failures in my call:

Ricalex_0-1693063417788.png


Does anyone know what can I be missing? I've selected 'No Authentication' in the Security tab.

Hello,

I lost two days just to figure it out that in access-token you should not only post the token. The value that goes in access-token is "Bearer access-token" no double quotes.

Thanks for the solution

@Anonymous, I'm getting the same behavior. Did you ever figure it out?

this one works for me, thank you, yoshi!

Hi, I tried this approach but it doesn't work for me. I have a local  gateway setup for an internal api that needs to authenticate using bearer token.

 

Everything looks okay but I get a 400 as respose. Any help here would be greatly appreciated.

Did you get a solution to this? I have the same issue

 

Isaac_Asimov
Frequent Visitor

Unfortunatly the solution explained by @Yoshi1 and @LaelLeeH doesn't seem to work anymore. (btw thanks for your posts!!)

The policy doesn't get executed, and the "Authorization" value remain unchanged, no matter what value the policie is supposed to give it (wanted to replace Bearer by Basic here -> maybe thoses options doesn't work with a Basic Authorization value.... ?).

 

Isaac_Asimov_2-1719939742950.png

However! I'm working with an httpS:// URL so MAYBE the policie doesn't work on them since it's title is "Set HTTP header". Would be logical although quite suprising.

 

Second option that is to set the security at API Key and give it "Authorization" as a parameter name and

"Bearer YOUR_BEARER_TOKEN_VALUE" as a value when creating the connexion doesn't work either. The connector ignore it and still send the generated Authorization value

Isaac_Asimov_3-1719939802654.png

 

 

Advice to any reader, open Power Automate ^^'

Helpful resources

Announcements

Community will be READ ONLY July 16th, 5p PDT -July 22nd

Dear Community Members,   We'd like to let you know of an upcoming change to the community platform: starting July 16th, the platform will transition to a READ ONLY mode until July 22nd.   During this period, members will not be able to Kudo, Comment, or Reply to any posts.   On July 22nd, please be on the lookout for a message sent to the email address registered on your community profile. This email is crucial as it will contain your unique code and link to register for the new platform encompassing all of the communities.   What to Expect in the New Community: A more unified experience where all products, including Power Apps, Power Automate, Copilot Studio, and Power Pages, will be accessible from one community.Community Blogs that you can syndicate and link to for automatic updates. We appreciate your understanding and cooperation during this transition. Stay tuned for the exciting new features and a seamless community experience ahead!

Summer of Solutions | Week 4 Results | Winners will be posted on July 24th

We are excited to announce the Summer of Solutions Challenge!    This challenge is kicking off on Monday, June 17th and will run for (4) weeks.  The challenge is open to all Power Platform (Power Apps, Power Automate, Copilot Studio & Power Pages) community members. We invite you to participate in a quest to provide solutions to as many questions as you can. Answers can be provided in all the communities.    Entry Period: This Challenge will consist of four weekly Entry Periods as follows (each an “Entry Period”)   - 12:00 a.m. PT on June 17, 2024 – 11:59 p.m. PT on June 23, 2024 - 12:00 a.m. PT on June 24, 2024 – 11:59 p.m. PT on June 30, 2024 - 12:00 a.m. PT on July 1, 2024 – 11:59 p.m. PT on July 7, 2024 - 12:00 a.m. PT on July 8, 2024 – 11:59 p.m. PT on July 14, 2024   Entries will be eligible for the Entry Period in which they are received and will not carryover to subsequent weekly entry periods.  You must enter into each weekly Entry Period separately.   How to Enter: We invite you to participate in a quest to provide "Accepted Solutions" to as many questions as you can. Answers can be provided in all the communities. Users must provide a solution which can be an “Accepted Solution” in the Forums in all of the communities and there are no limits to the number of “Accepted Solutions” that a member can provide for entries in this challenge, but each entry must be substantially unique and different.    Winner Selection and Prizes: At the end of each week, we will list the top ten (10) Community users which will consist of: 5 Community Members & 5 Super Users and they will advance to the final drawing. We will post each week in the News & Announcements the top 10 Solution providers.  At the end of the challenge, we will add all of the top 10 weekly names and enter them into a random drawing.  Then we will randomly select ten (10) winners (5 Community Members & 5 Super Users) from among all eligible entrants received across all weekly Entry Periods to receive the prize listed below. If a winner declines, we will draw again at random for the next winner.  A user will only be able to win once overall. If they are drawn multiple times, another user will be drawn at random.  Individuals will be contacted before the announcement with the opportunity to claim or deny the prize.  Once all of the winners have been notified, we will post in the News & Announcements of each community with the list of winners.   Each winner will receive one (1) Pass to the Power Platform Conference in Las Vegas, Sep. 18-20, 2024 ($1800 value). NOTE: Prize is for conference attendance only and any other costs such as airfare, lodging, transportation, and food are the sole responsibility of the winner. Tickets are not transferable to any other party or to next year’s event.   ** PLEASE SEE THE ATTACHED RULES for this CHALLENGE**   Week 1 Results: Congratulations to the Week 1 qualifiers, you are being entered in the random drawing that will take place at the end of the challenge.   Community MembersNumber SolutionsSuper UsersNumber Solutions Deenuji 9 @NathanAlvares24  17 @Anil_g  7 @ManishSolanki  13 @eetuRobo  5 @David_MA  10 @VishnuReddy1997  5 @SpongYe  9JhonatanOB19932 (tie) @Nived_Nambiar  8 @maltie  2 (tie)   @PA-Noob  2 (tie)   @LukeMcG  2 (tie)   @tgut03  2 (tie)       Week 2 Results: Congratulations to the Week 2 qualifiers, you are being entered in the random drawing that will take place at the end of the challenge. Week 2: Community MembersSolutionsSuper UsersSolutionsPower Automate  @Deenuji  12@ManishSolanki 19 @Anil_g  10 @NathanAlvares24  17 @VishnuReddy1997  6 @Expiscornovus  10 @Tjan  5 @Nived_Nambiar  10 @eetuRobo  3 @SudeepGhatakNZ 8     Week 3 Results: Congratulations to the Week 3 qualifiers, you are being entered in the random drawing that will take place at the end of the challenge. Week 3:Community MembersSolutionsSuper UsersSolutionsPower Automate Deenuji32ManishSolanki55VishnuReddy199724NathanAlvares2444Anil_g22SudeepGhatakNZ40eetuRobo18Nived_Nambiar28Tjan8David_MA22   Week 4 Results: Congratulations to the Week 4 qualifiers, you are being entered in the random drawing that will take place at the end of the challenge. Week 4:Community MembersSolutionsSuper UsersSolutionsPower Automate Deenuji11FLMike31Sayan11ManishSolanki16VishnuReddy199710creativeopinion14Akshansh-Sharma3SudeepGhatakNZ7claudiovc2CFernandes5 misc2Nived_Nambiar5 Usernametwice232rzaneti5 eetuRobo2   Anil_g2   SharonS2  

Check Out | 2024 Release Wave 2 Plans for Microsoft Dynamics 365 and Microsoft Power Platform

On July 16, 2024, we published the 2024 release wave 2 plans for Microsoft Dynamics 365 and Microsoft Power Platform. These plans are a compilation of the new capabilities planned to be released between October 2024 to March 2025. This release introduces a wealth of new features designed to enhance customer understanding and improve overall user experience, showcasing our dedication to driving digital transformation for our customers and partners.    The upcoming wave is centered around utilizing advanced AI and Microsoft Copilot technologies to enhance user productivity and streamline operations across diverse business applications. These enhancements include intelligent automation, AI-powered insights, and immersive user experiences that are designed to break down barriers between data, insights, and individuals. Watch a summary of the release highlights.    Discover the latest features that empower organizations to operate more efficiently and adaptively. From AI-driven sales insights and customer service enhancements to predictive analytics in supply chain management and autonomous financial processes, the new capabilities enable businesses to proactively address challenges and capitalize on opportunities.    

Updates to Transitions in the Power Platform Communities

We're embarking on a journey to enhance your experience by transitioning to a new community platform. Our team has been diligently working to create a fresh community site, leveraging the very Dynamics 365 and Power Platform tools our community advocates for.  We started this journey with transitioning Copilot Studio forums and blogs in June. The move marks the beginning of a new chapter, and we're eager for you to be a part of it. The rest of the Power Platform product sites will be moving over this summer.   Stay tuned for more updates as we get closer to the launch. We can't wait to welcome you to our new community space, designed with you in mind. Let's connect, learn, and grow together.   Here's to new beginnings and endless possibilities!   If you have any questions, observations or concerns throughout this process please go to https://aka.ms/PPCommSupport.   To stay up to date on the latest details of this migration and other important Community updates subscribe to our News and Announcements forums: Copilot Studio, Power Apps, Power Automate, Power Pages

Users online (2,069)