How To Create And Use Service Principal in Power Automate.
Ғылым және технология
Not even Friday 13th can stop Amey and George from talking about Power Automate. This week they help future Amey to deal with Jeff who created a number of flows and is about to get fired or get hit by a bus.
How?
By creating a service principal connection in Power Automate. Unlike Jeff, it does not need a license, does not demand a raise, works 24 x 7, and is bus-resistant.
They also waste some valuable time only to agree that granting System Administrator role is not a good idea but that System Customizer is even worse.
Пікірлер: 12
Useful video, thanks. Is there a better way now to create the connection to the service principal in Power Automate?
@365Training
Жыл бұрын
I believe it's possible to create an SP connection using PowerShell. If you find yourself constantly creating those, perhaps it's worth to invest into automating the process.
This was very enjoyable to watch. Good corny jokes! Question: How does the service principle handle the need for a license, such as connecting to office-type connectors like One Drive or Outlook? It didn't look like in the video that the service principal/application user could have a license. Is it even possible to use a service principal in these types of scenarios?
@365Training
2 жыл бұрын
Good question, Daniel, we probably should've covered this in video but bringing up any licensing question would've extended it at least by an hour! Long story short: you can't use service principals for individual services like OneDrive or Outlook - those connections are always tied to an individual account. For Dataverse service principals do not need a license at all. Of course, there is no free lunch and the account will be the subject to the API calls allowance (25-100K API calls per 24 hours depending on the top license you have in the environment, pooled across all non-interactive users). You can buy more calls if you need to. docs.microsoft.com/power-platform/admin/api-request-limits-allocations#requests-limits-not-based-on-licensed-users-or-flows
Great video thanks Is there a special role which the application user should have? I have created a special role for this users but the flows don't run when I add de system admin it works ( but thats someting I don't want) Any thoughts?
@365Training
2 жыл бұрын
Good question Erwin. Creating roles from scratch (if that's what you did) rarely works in these scenarios as it's too easy to miss some fundamental privileges we're not even aware of. I usually assign Basic User + some specific tables that are needed. But if your flows do not trigger at all, try adding Basic User on top of what you have already. Also check the long list at docs.microsoft.com/power-automate/triggers-troubleshoot - maybe you'll find some pointers there. In the meantime we'll check what're the minimum Dataverse privileges needed and cover in the upcoming videos...
Is there a new way to connect the account? When I click add new connection the correct sign on screen does pop up but there is no "Connect with service principal" option. I just see a Connect via on-premises data gateway option. Thanks
@JayRollaTSi
Жыл бұрын
I am using this for a sharepoint trigger. That does not seem to work. I setup a dataverse flow and the option is available so I guess it cant be down with sharepoint.
@365Training
Жыл бұрын
You're correct, service principal connection is not available in the SharePoint connector. The workaround is to use http connector and SharePoint REST API learn.microsoft.com/training/modules/integration-http-connector/2-rest-service.
Hi, great video! is it possible to use Service principal in power apps?? I have a Power BI Embedded Solution in which I would like to embed a Power App, but I have visualization problems when running the power app inside Power BI embedded using service principal
@365Training
2 жыл бұрын
Good question! Afaik, it's not possible to run an app under a service account (otherwise it'd be an easy way to circumvent the licensing) and embedding does not change that. When you embed Power Apps visual into Power BI report, it will run under the current user's account. I couldn't find any direct reference to that but in the docs docs.microsoft.com/en-us/powerapps/maker/canvas-apps/powerapps-custom-visual you'll find multiple references to the app sharing that implies execution under the user's account (including guests - see limitation section).
@jesulito00
2 жыл бұрын
@@365Training many thanks for your answer, I came to the same conclusion but hoped you gave me a positive answer :) What would happen the other way around, trying to integrate a PBI embedded service into a Powerapp? this way we avoid to circumvent the licensing, because each user would have a powerapp license and they would be also comsuming embedded resources in Azure's Service principal account for PBI embedded, so the owner of the azure portal would be paying for them as they go... I'd appreciate any orientation because I can´t find any documentation about this