Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate - Using Flows / HTTP URL for triggerin...
Power Automate - Using Flows
Suggested answer

HTTP URL for triggering Flow from a .net application

(0) ShareShare
ReportReport
Posted on by FD-21071048-0 4
Hello,
 
I need to call an endpoint hosted on Azure (endpoint exposed by a "Flow" created in Power Automate). I call this endpoint from a C# application (running on an on-premise server), 
The Power Automate endpoint has the following format (workflow GUID is fake):
https://prod-129.westeurope.logic.azure.com:443/workflows/1c88cfee2174ab788c4174cbab9d49b/triggers/manual/paths/invoke?api-version=2016-06-01
 
I'm having difficulties authenticating and successfully invoking this endpoint.
The configuration setting “Who can trigger the flow?” has the value set to “Any user in the tenant.”
This Flow via the above endpoint requires OAuth2 authentication.
 
What I’ve done so far:
I created a Registered App in Microsoft Entra with the following configuration:
Authentication > Supported account types: Accounts in this organizational directory only (note: we are using the same tenant as the one hosting the Power Automate Flow).
Authentication > Advanced settings > Allow public client flows: Enabled → “Yes”
API Permissions: API/Permissions name = "Power Automate" > Flows.Manage.All / Delegated
 
Below is the code snippet I’m using for my tests:
string flowUrl = @"https://prod-129.westeurope.logic.azure.com:443/workflows/1c88cfee2174ab788c4174cbab9d49b/triggers/manual/paths/invoke?api-version=2016-06-01";
string tenantId = "my_tenant_id";
static string clientId = "my_registered_app_client_id";
static string clientSecret = "my_client_secret_key";
 
// Scope candidates tested
static string scope = "https://service.flow.microsoft.com/.default";
// static string scope = "https://logic.azure.com/.default";
// static string scope = "https://management.azure.com/.default";
 
public static async Task<string> TestAPI()
{     
    // Acquire token using MSAL     
    var app = ConfidentialClientApplicationBuilder.Create(clientId)
        .WithClientSecret(clientSecret)
        .WithAuthority(new Uri($"https://login.microsoftonline.com/{tenantId}")).Build();     
    
    var result = await app.AcquireTokenForClient(new[] { scope }).ExecuteAsync();     
    // Prepare HTTP request     
    using var httpClient = new HttpClient();
    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
    var jsonPayload = "{\"param1\":\"CUSTOMER_GETDETAIL\",\"param2\":\"1090456\",\"param3\":\"EN\",\"param4\":\"User123\"}";     
    var content = new StringContent(jsonPayload, Encoding.UTF8, "application/json");     
    var response = await httpClient.PostAsync(flowUrl, content);     
    var responseBody = await response.Content.ReadAsStringAsync();     
    foreach (var header in response.Headers)
    {
        Console.WriteLine($"{header.Key}: {string.Join(", ", header.Value)}");     
    }
    Console.WriteLine($"Status: {response.StatusCode}");     
    Console.WriteLine($"Response: {responseBody}");
    return responseBody; 
}
 
The response I get when calling the endpoint
Status: Forbidden
Response: {"error":{"code":"MisMatchingOAuthClaims","message":"One or more claims either missing or does not match with the open authentication access control policy."}}
 
Am I doing this correctly?
If the overall approach is correct, which claims are missing, and how can I add them to my token?
I would be very grateful if someone could provide a clear and detailed answer to help solve this issue.
Thank you!
Categories:
Business Process Flows
  • FD-21071048-0 Profile Picture
    FD-21071048-0 4 on at
    HTTP URL for triggering Flow from a .net application

    Hello Yash,

    Thank you for your response and for the two links.

    I updated the configuration of my App Registration in Microsoft Entra and added the permission as specified in your example:

    Power Automate > User (Delegated / Access Microsoft Flow as signed-in user)

    I noticed that you also have other permissions related to Microsoft Graph (the details aren’t visible in your screenshot).
    For my App Registration, I also added the following permission:
    Microsoft Graph > User.Read (Delegated / Sign in and read user profile)

    Unfortunately, when I call the endpoint, I still receive the same error message:

    Status: Forbidden
    Response: {"error":{"code":"MisMatchingOAuthClaims","message":"One or more claims either missing or does not match with the open authentication access control policy."}}

    I feel like the solution is right at my fingertips. If only the error message were more explicit and could tell me which claims are missing from my authentication token.

  • yashag2255 Profile Picture
    yashag2255 24,601 Super User 2024 Season 1 on at
    HTTP URL for triggering Flow from a .net application
     
    The authentication mechanism works a little different when you set the option as Anyone in my tenant or specific users in my tenant. You can follow my blog posts here on how to set it up. 
     
     
    Hope this Helps!
     
    If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!
     
  • FD-21071048-0 Profile Picture
    FD-21071048-0 4 on at
    HTTP URL for triggering Flow from a .net application

    Hello Michael,

    Thank you for the link.

    I had already come across this example.
    Unfortunately, it doesn't work for me.

    I believe it's no longer possible to call an "Automate Flow" link directly.
    Security has been tightened, and calling this endpoint now requires OAuth 2.0 authentication.
    I would also like to remind that my .NET application is not hosted on Azure — it's running on a server within my company that has internet access.

    Sincerely,

    Frédéric

  • Suggested answer
    Michael E. Gernaey Profile Picture
    Michael E. Gernaey 44,960 Super User 2025 Season 2 on at
    HTTP URL for triggering Flow from a .net application
     
     
    If these suggestions help resolve your issue, Please consider Marking the answer as such and also maybe a like.
    Thank you!
    Sincerely, Michael Gernaey

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Now Available: 2025 Release Wave 2
Welcome to the Power Platform Communities

Quick Links

Paul Stork – Community Spotlight

We are honored to recognize Paul Stork as our July 2025 Community…

Congratulations to the June Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard > Power Automate

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 497 Super User 2025 Season 2

#2
David_MA Profile Picture

David_MA 436 Super User 2025 Season 2

#3
Riyaz_riz11 Profile Picture

Riyaz_riz11 244 Super User 2025 Season 2

Last month Overall leaderboard

Featured topics

Restore a deleted flow

Product updates

Microsoft Power Platform Community release plans