App registration in Azure - set it up to own Power Automate flows

What is a Service Principal in Power Platform?

A Service Principal is a non-interactive account that facilitates connections to Dataverse and the management of flows. Essentially, this “User” is an Azure App, which is employed within the Power Platform to take ownership of Power Automate flows. It’s important to note that you cannot log in with a Service Principal or interact with it as you would with a typical Azure AD User.

This article will help you set up an App Registration in Azure, which you can later use as a Service Principal for managing flows.

Please remember that you need access to the Azure Portal to initiate and configure an App Registration in Azure. So, please make sure you have the necessary permissions before proceeding with the setup.

Service Principal - this is a series!

Hey! This is a series of three articles regarding a Service Principal.

  1. Set up Service Principal in Azure to work with Power Platform – this article shows you how to set up an App Registration in Azure to work with Power Platform
  2. Own and run Power Automate flows with Service Principal – this article, on the other hand, discusses how to register a Service Principal in Power Platform and how to own and run flows in Power Automate
  3. Use a Service Principal to run Dataverse actions in Power Automate – the last one of the series discusses how Dataverse actions can run with a Service Principal so users don’t need to use their personal accounts to authenticate.

Set up App Registration in Azure Portal

To start, open Azure Portal via the link: https://portal.azure.com/#home. Then, you should see the “App registrations” icon. If you can’t locate the icon, just type the “App registration” phrase in the search.

If you can’t locate the icon, type the “App registration” phrase in the search.

Now, after you enter “App registrations”, press the “+ New registration” button.

Provide a name for your App and choose “Accounts in this organization directory..”. This option is a default one. We do not want to integrate with other tenants, so we stick to this choice. After that, press “Register”. The button is available at the bottom of the site.

Done! Our application has just been registered. Now what? After registering the app, we must provide permission for Power Automate – because we want this App to own and manage our flows.

Go to “App registrations” again and find your application.

Open it and choose “Api permissions” from the left pane.

Click “+ Add a permission”.

From the list choose “Power Automate”.

Choose the permission I’ve chosen here:

  • User – Access Power Automate cloud flows.
  • Activity.Read.All – Allows to read activities in Power Automate
  • Flows – Allows to read and manage Power Automate cloud flows and also read and modify flows permissions
    • Manage.All
    • Read.All
    • Read.Plans
    • Write.Plans

This is the final list of permissions for this Service Principal.

This app is ready to be used as a Service Principal in Power Platform to own Power Automate cloud flows.

We don’t need to provide a Client Secret for this app, because we will not be using it with Dataverse. We want to own and manage flows with it. The actions I’ve shown you in this article are sufficient to accomplish this goal.

Summary

It wasn’t hard, was it? Application registration is incredibly versatile, extending beyond the realm of Power Automate. It is frequently employed in Custom Connectors as well. Understanding the advantages of this feature in both Power Platform and Azure equips you with the ability to harness its strengths. I trust you gained valuable insights from this article.

So, finally, we are at this point where I should thank you for your time and reading this article. Feel free to rate this article and comment if you liked it. If you have any questions, feel free to contact me (via contact@poweruniverse.org), but first, you may be interested in joining a Newsletter. Hmm? (Sign up here) If you already did, wow, thanks, thanks a lot 🙂 

Via Newsletter, I am sharing insights into my work, plans for upcoming weeks, and knowledge about the Power Platform Universe and the IT world. If you are interested, feel free to join! I am going to send the latest Newsletter to everyone who enters!

See you!

About the author

Daniel Ciećkiewicz

FOUNDER

I am a Senior Power Platform Consultant focused on Dataverse, Power Apps, and Power Automate. I was also a Team Leader responsible for the Power Platform Team and their development paths. 

In my private life, I like video games, sports, learning & gaining knowledge, and a taste of good Scotch Whisky! 

Ooo, I almost forgot, I love our Polish Tatra Mountains!

Categories
Top 3 articles
Newest articles
These May also interest you:
5 2 votes
Article Rating
Subscribe
Notify of
guest

2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

[…] my previous article, Set up Service Principal in Azure to work with Power Platform, I discussed this topic. Please go and check it out! It not only discusses the Service Principal […]

trackback

[…] my previous article, Set up Service Principal in Azure to work with Power Platform, I discussed this topic. Please go and check it out! It not only discusses the Service Principal […]

2
0
Would love your thoughts, please comment.x
()
x