[Step by Step] Dataverse | Connect Cloud flow with Service Principal (Application User)

By default, Cloud flow Dataverse connectors run under the Owner context (i.e., the user who created the flow). When flows are moved to a different environment via solutions, the connectors run under the account of the user who imported the Solution.

Running flows under interactive user accounts is not recommended, as it causes confusion when we check a record’s audit to see who updated the record. It’s recommended to make the flow run under an ‘Application User’ if the calling user can be a fixed account.

In this article, let’s see how to make the flow run under an Application User by connecting the flow using the Service Principal option.

High level design:

Following are the steps we are going to go through.

  • App registration in Azure Active Directory (AAD)
  • Create an Application User in Environment.
  • Create a Cloud Flow and connect with Application User.

App registration in Azure Active Directory (AAD)

  • Add a Secret and save the Secret.
  • Copy the Application ID and Tenant ID.
  • Refer to this article for the detailed ‘App Registration’ steps.

Create an Application User in Environment

  • Click on ‘New app user’ and select the ‘Business Unit’ and ‘Security Role(s)’.
  • Click on ‘Add an app’ and select the App registered in the previous section.
  • You should see the ‘Application user’ listed as below.

Create a Cloud Flow and connect with Application User:

  • Connect to the Maker portal and create a new Solution.
  • Click on New -> Cloud flow.
  • Click on ‘Connect with Service Principal’.
  • Provide the details captured in the Azure Active Directory ‘App Registration’ section and click ‘Create’.
  • Now you should see that in ‘Connection references’ as below.
  • If you go back to the ‘Solution’, you would see a new entry ‘Connection Reference (preview)’ along with the flow.
  • With the ‘Connection Reference (preview)’, we can conveniently move the flow to a different environment using Solution export and import.
  • Let’s proceed and complete the flow, which creates a ‘Contact’ record upon the creation of an ‘Account’.
  • Create an ‘Account’ from the ‘Customer Service Hub’ App.
  • A ‘Contact’ gets created, triggered from the flow, and its Owner would be the ‘Application User’.
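
The check below is an added example, not code from the original post: it requests a token with the Application ID, Tenant ID and Secret captured during app registration and confirms through the Dataverse Web API that this identity resolves to the expected Application User. The `DV_*` environment variable names, the function names and the sample row are assumptions made for this example.

```python
import json
import os
import urllib.parse
import urllib.request

def token_request(tenant_id, client_id, client_secret, org_url):
    """Build the OAuth 2.0 client-credentials request for one Dataverse environment."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": org_url.rstrip("/") + "/.default",  # token is valid for this environment only
    }
    return url, urllib.parse.urlencode(form).encode()

def is_expected_app_user(systemuser, client_id):
    """True only if the systemuser row is an application user bound to client_id."""
    app_id = (systemuser.get("applicationid") or "").lower()
    return app_id != "" and app_id == client_id.lower()

def get_json(url, data=None, token=None):
    """POST when data is given, otherwise GET; returns the decoded JSON body."""
    headers = {"Accept": "application/json"}
    if token:
        headers["Authorization"] = "Bearer " + token
    req = urllib.request.Request(url, data=data, headers=headers)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def verify(tenant_id, client_id, client_secret, org_url):
    """Authenticate as the service principal and look up the user it maps to."""
    url, body = token_request(tenant_id, client_id, client_secret, org_url)
    token = get_json(url, data=body)["access_token"]
    api = org_url.rstrip("/") + "/api/data/v9.2"
    user_id = get_json(api + "/WhoAmI", token=token)["UserId"]
    user = get_json(f"{api}/systemusers({user_id})?$select=fullname,applicationid", token=token)
    return is_expected_app_user(user, client_id), user

if __name__ == "__main__":
    env = os.environ
    if "DV_CLIENT_SECRET" in env:  # secret is read from the environment, never stored in the script
        ok, user = verify(env["DV_TENANT_ID"], env["DV_CLIENT_ID"],
                          env["DV_CLIENT_SECRET"], env["DV_ORG_URL"])
    else:  # offline run against a constructed sample row
        user = {"fullname": "# Sample App", "applicationid": "00000000-0000-0000-0000-000000000001"}
        ok = is_expected_app_user(user, "00000000-0000-0000-0000-000000000001")
    print("user:", user.get("fullname"), "| matches app registration:", ok)
```

A `False` result means the credentials authenticate but map to a user other than the registered app, which is worth resolving before the connection reference is moved to another environment.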

Notes:
  • You can use ‘Run as’ option and make the ‘Dataverse’ run under one of the highlighted User contexts.

🙂