@Tim At the moment, the sharepoint authorization works with the OAuth 2.0 Authorization Code Grant Type, which means, you can only get the authorization code by getting the user sign in to get the code. This behavior of the API is by design. Thus, there is no way to fully automate this.
- Consider not re-creating api connection after initial manual authentication since there's no need unless cred changes, and only include logic apps in arm template for subsquent deployment.
- Consider using HTTP with MSI to call graph API directly.
For connection resource define you can refer to this.
More details : https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-deploy-azure-resource-manager-templates#authorize-oauth-connections