Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Give Back to the Community this Month
Announcing Category Subscriptions!
News and Announcements icon
Power Platform Community / Forums / Power Apps - Connector Development / Custom Connector in Po...
Power Apps - Connector Development
Unanswered

Custom Connector in PowerApps: How to Handle Azure Source Domains for HTTP Calls?

(0) ShareShare
ReportReport
Posted on by RS-29111154-0

Hi everyone,

I am using a Custom Connector in PowerApps to make HTTP calls to an internal API hosted on my company’s network. However, I’ve encountered an issue with Azure source domains, and I need some guidance on how to handle this scenario effectively.

The Problem:

  1. The HTTP calls from PowerApps are not being made directly from the user’s browser but from an Azure source. Initially, I identified the source domain as *.azure-apim.net and requested my IT team to expose our API for external access to this domain.

  2. After enabling access, I retried the connection and found that the requests were coming from a completely different domain: *.azure-apihub.net. This was unexpected, as I had only opened access for *.azure-apim.net.

  3. I came across the Microsoft documentation for IP address configuration, which mentions that runtime connectors may use *.azure-apim.net and *.azure-apihub.net domains. However, I am unsure if this list is exhaustive or if there are other considerations for making the setup work consistently.

My Questions:

  1. Is there a way to make HTTP calls directly from the user’s browser instead of through Azure?
    If this is possible, I could avoid exposing the API externally since all users are already within the internal network.

  2. If browser-based calls are not feasible, is the list of IPs and domains in the Microsoft documentation complete for my scenario?
    If I whitelist everything under *.azure-apim.net and *.azure-apihub.net, will this ensure the calls work? Are there additional configurations I should consider for custom connectors?

  3. Are there any best practices or tools to identify all potential Azure source domains or subdomains involved in HTTP calls via custom connectors?

My main goal is to configure this securely and minimize unnecessary exposure while ensuring the HTTP requests succeed.

Thanks in advance for your help!

 

Disclaimer:

I am aware that using HTTP is insecure, and the recommended approach is to use HTTPS. For now, we are conducting initial Proof of Concept (PoC) testing with HTTP and will migrate to HTTPS in the next stages. Security in production is not an issue.

Categories:
Authentication

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Give Back to the Community this Month
Announcing Category Subscriptions!

Quick Links

November 2024 Newsletter…

November 2024 Community Newsletter…

Community Update Oct 28…

Power Platform Community Update…

Tuesday Tip #9 Get Recognized…

Welcome to a brand new series, Tuesday Tips…

more Community News

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 143,867

#2
RandyHayes Profile Picture

RandyHayes 76,308

#3
Pstork1 Profile Picture

Pstork1 64,174

Leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans