MSDN Community Forums

Hi everyone,

I'm working on creating a custom connector for my Power App that needs to interact with a third-party API. The API uses OAuth 2.0 for authentication.

I've successfully registered my application in the third-party's developer portal and obtained a Client ID and Client Secret. I've also configured the redirect URI to point to the Power Apps portal.

However, when I try to configure the authentication section in the custom connector editor, I'm a bit stuck on how to correctly input the details for OAuth 2.0. Specifically:

• What should I put for "Identity Provider"?
• How do I correctly format the "Client ID URL", "Authorization URL", "Token URL", and "Refresh URL"?
• Are there any common pitfalls to avoid when setting this up?

Any guidance or examples would be greatly appreciated!

Thanks in advance!

Hi user123,

Great question! Setting up OAuth 2.0 for custom connectors can be a bit tricky. Here's a breakdown of what you typically need:

1. Identity Provider: If your third-party API uses a standard OAuth 2.0 flow, you'll often select "OAuth 2.0" from the dropdown. Some providers might have specific entries, but usually, the generic OAuth 2.0 works. If it's a well-known provider like Azure AD, Google, etc., you might see those listed.

2. URLs:

• Client ID URL: This is often the same as your Authorization URL or sometimes a specific endpoint for client registration confirmation. Check your API's documentation. Often, it's not strictly required if the authorization server handles it implicitly.
• Authorization URL: This is the endpoint where the user is redirected to grant permission. Example: https://api.example.com/oauth/authorize
• Token URL: This is the endpoint where your connector exchanges the authorization code (or other grant type) for an access token. Example: https://api.example.com/oauth/token
• Refresh URL: This is where your connector sends a refresh token to get a new access token when the current one expires. Example: https://api.example.com/oauth/token (often the same as the Token URL)

Make sure to consult your third-party API's documentation for the exact URLs. They are crucial.

3. Common Pitfalls:

• Redirect URI Mismatch: Ensure the redirect URI registered in the third-party portal exactly matches the one provided by Power Apps (it will be shown in the custom connector editor).
• Scope Issues: If your API uses scopes, make sure you specify the correct scopes in the custom connector definition.
• Client Secret Handling: The client secret is sensitive. Power Platform handles this securely, but double-check you're not exposing it elsewhere.
• Token Expiration: Power Apps custom connectors generally handle token refresh automatically if you've configured the Refresh URL correctly and the API supports refresh tokens.

Can you share the name of the third-party API you're trying to connect to? That might help if there are known specific configurations.

Best regards!

Great advice, Alice! Just to add, sometimes the "Client ID URL" is referred to as the "Authorization Server Metadata Document" endpoint (often a .well-known/openid-configuration URL) if the API supports OpenID Connect discovery. Check if your API documentation mentions this.

Also, ensure the **grant type** selected in the custom connector matches what the API expects. For web apps and connectors, "Authorization Code" is most common.

Keep us updated on your progress!