locked
Logic Apps Custom Connector not passing Authorization Header to API Management endpoints RRS feed

  • Question

  • Hello,

    I am struggling with an issue related to security of an Azure Logic Apps custom connector. We have an Auth0 identity management solution and I have setup my custom connector to use the generic oauth2 security template. My API definition also includes the corresponding security schema applied to all paths. 

    Using the same open api spec I can import the spec into Postman, add the Authorization header {Bearer {valid bearer token}} and these requests are successful.

    I am getting a 401 when performing the same exact operations via the custom connector, I have tried several things and all have led to the same result of getting 401 unauthorized. I can confirm that the workflow and specifically the custom connector component is getting access tokens from our auth0 identity management server however it appears as though these are not being applied to the requests being made to the API management resource. 

    Thanks in advance for any help/support.

    Friday, March 8, 2019 5:09 PM

All replies

  • If I use Generic OAuth2 for Security, will it pass the Authorization header to the appropriate endpoints?

    We verified the connector is getting an access token from our auth server, but it's not passing the token to our endpoints.

    Based on what I'm reading in this blog, that would be the expected behavior for any of these auth types.

    https://www.serverless360.com/blog/custom-connectors-in-azure-logic-apps

    Specifically: "The next tab we need to address is Security. Once again this is information that will be included in our Open API spec file. In our case, the Fantasy Data API depends upon an API Key to authenticate. When you create an account on their site, they provide you with two API keys. They use this key to authenticate you, but also to track your usage. Since all of these parameters are there in our Open API spec file, we do not need to make any changes to our Parameter label, Parameter name or Parameter location. Under the hood, Logic Apps will use this information to assemble a header that will be passed to the Fantasy Data API in a manner that it expects."

    Friday, March 8, 2019 5:07 PM
  • Hi Justin - Were you able to get this resolved?
    Tuesday, March 12, 2019 11:47 AM
  • We were not able to get this resolved.
    Monday, March 18, 2019 7:21 PM
  • Hi Justin,

    Auth0 is your identity provider to perform validation handshake. If your identity provider is not listed in the Auth 2.0 list ,then only option is to write Authorization wrapper on top of your web api 

     


    If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply

    Tuesday, March 19, 2019 2:53 AM