API Connection is failing after Logic App deployment from Visual Studio

krisnov 16 Reputation points
2021-11-26T15:49:21.847+00:00

I'm deploying Logic App from Visual Studio with the API connection to custom connector. Unfortunately soon after the deployment API connection is giving me an Error. It works absolutely fine if I Authorize it manually.

From the properties I can see below error... missing token, however when I try to add the token to the ARM template it says token is not accepted.

 "authenticatedUser": {},
        "overallStatus": "Error",
        "statuses": [
            {
                "status": "Error",
                "target": "token",
                "error": {
                    "code": "Unauthenticated",
                    "message": "This connection is not authenticated."
                }
            }
        ]
   

API Connection authentication is based on the user where Custom Connector is authenticated by Azure AD with clientId, secret and resource url in place. When I try to add them to the ARM it's also failing stating API Connection isn't authenticated with them... which is true.

I'm puzzled with this how to get this working. Here is my ARM template

    {
      "type": "MICROSOFT.WEB/CONNECTIONS",
      "apiVersion": "2018-07-01-preview",
      "name": "[parameters('LogicAppWorkflows_Connection_Name')]",
      "location": "[parameters('logicAppLocation')]",
      "properties": {
        "api": {
          "id": "[resourceId('Microsoft.Web/customApis', 'LogicAppWorkflows')]"
        },
        "displayName": "[parameters('LogicAppWorkflows_Connection_DisplayName')]",
        "authenticatedUser": {
          "name": "xxxxx@xxxx"
        }
      }
    }

And API Connection Template

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "connections_LogicAppWorkflows_name": {
            "defaultValue": "LogicAppWorkflows",
            "type": "String"
        },
        "customApis_LogicAppWorkflows_externalid": {
            "defaultValue": "/subscriptions/xxxxxxx/resourceGroups/xxxxxxx/providers/Microsoft.Web/customApis/LogicAppWorkflows",
            "type": "String"
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.Web/connections",
            "apiVersion": "2016-06-01",
            "name": "[parameters('connections_LogicAppWorkflows_name')]",
            "location": "xxxxx",
            "kind": "V1",
            "properties": {
                "displayName": "xxxxxxx@xxxxxxx",
                "statuses": [
                    {
                        "status": "Error",
                        "target": "token",
                        "error": {}
                    }
                ],
                "customParameterValues": {},
                "nonSecretParameterValues": {},
                "createdTime": "2021-11-26T15:21:49.1414968Z",
                "changedTime": "2021-11-26T15:43:38.2629829Z",
                "api": {
                    "name": "[parameters('connections_LogicAppWorkflows_name')]",
                    "displayName": "[parameters('connections_LogicAppWorkflows_name')]",
                    "description": "[parameters('connections_LogicAppWorkflows_name')]",
                    "iconUri": "/Content/retail/assets/default-connection-icon.e6bb72160664a5e37b9923c3d444444.2.svg",
                    "id": "[parameters('customApis_LogicAppWorkflows_externalid')]",
                    "type": "Microsoft.Web/customApis"
                },
                "testLinks": []
            }
        }
    ]
}

Any help appreciated, Thanks.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,663 questions
Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,716 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,736 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Rana Khan 0 Reputation points
    2023-08-09T08:52:30.74+00:00

    You probably need a policy. Use a bicep template. First, find the existing API connection and the existing logic app, and then use the bicep template

    resource blobStorageAccessPolicy 'Microsoft.Web/connections/accessPolicies@2016-06-01' = {
    
    0 comments No comments