Authorising Office365 logic app API Connection with PowerShell

Krupa Gundraju (Larsen & Toubro Infotech Limit) 126 Reputation points
2022-03-30T09:07:56.66+00:00

Trying to setup a bunch of logic apps with supporting Azure functions etc. concept is to utilize ML/Azure functions/Logic apps etc. to setup an automated mailing system.

Everything is deployed using ADO/Git with CD/CI pipelines, but we have a problem with the Office365 connector that needs authorization after creation. I found an article that creates a windows form for authentication "https://learn.microsoft.com/en-us/archive/blogs/ronba/using-powershell-and-the-office-365-rest-api-with-oauth" , but we want to do this using azuredevops pipeline and thus are looking for a silent approach, any ideas or links would be appreciated?

Thanks
Krupa G

Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,854 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,381 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. MughundhanRaveendran-MSFT 12,431 Reputation points
    2022-03-31T06:55:19.497+00:00

    @KrupaGundrajuLarsenToubroInfotechL-6566 ,

    Thanks for reaching out to Q&A.

    Unfortunately, the Office365 connector will prompt for authentication which is a known limitation. The powershell article that you are refering seems to be archived, I am not sure if it would work as expected or it would be supported. If it works, you can run that script in devops via PowerShell task. However if you are looking for Single sign on approach, then you might want to explore Microsoft Graph API to send mails. You can leverage Azure functions to run the script/code using the Graph API (I have not tried it, you might have to trial and error).

  2. MayankBargali-MSFT 68,641 Reputation points
    2022-04-04T07:06:55.023+00:00

    @KrupaGundrajuLarsenToubroInfotechL-6566 Unfortunately you can’t authenticate the user in a non-interactive way in the connector. Thus, there is no way to fully automate this.

    • Consider not re-creating api connection after initial manual authentication since there's no need unless cred changes, and only include logic apps in the arm template for subsequent deployment.
    • Consider using HTTP with MSI to call graph API directly.

    For connection resource define you can refer to this.
    More details: https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-deploy-azure-resource-manager-templates#authorize-oauth-connections

    0 comments
  3. Limitless Technology 39,371 Reputation points
    2022-04-06T08:06:45.427+00:00

    Hi @KrupaGundrajuLarsenToubroInfotechL-6566

    Office365 API authorization works with the OAuth 2.0 Authorisation Code Grant Type, which means, you can only get the authorization code by getting the user owning the mailbox to sign in to get the code.

    This behavior of the API is by design. Thus, there is no way to fully automate this. But you can refer to the below article to get insights about using Powershell for your process.

    Use PowerShell Script to Manage Your API Connection of Logic App (Consumption) Resources
    https://techcommunity.microsoft.com/t5/integrations-on-azure-blog/use-powershell-script-to-manage-your-api-connection-of-logic-app/ba-p/2668253

    Authenticate access to Azure resources with managed identities in Azure Logic Apps
    https://learn.microsoft.com/en-us/azure/logic-apps/create-managed-service-identity?tabs=consumption

    Hope this resolves your Query!!

    --
    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments