question

linuswaerner avatar image
0 Votes"
linuswaerner asked ·

Fin & Ops trigger for D365 fails after ARM deploy

Hi, I've successfully deployed Logic Apps with a D365 Fin & Ops trigger in the past, but all of a sudden they're not being triggered, and I've located an anomaly in the trigger within the designer.

I'm using a service principal to connect to D365, and if I setup the connection manually in the designer it works, but after deploy I get this behavior:
75976-image.png


The full error message is something similar to:
Could not retrieve values. Error code: 'Unauthorized', Message: 'Unauthorized clientRequestId: xxxxxxx-xxxxxxx-4acf-9813-xxxxxxxx'. More diagnostic information: x-ms-client-request-id is 'xxxxxxxx-FEEF-xxxxxxx-861A-xxxxxxxx'.

Does anyone know what I am missing here? I am supplying the correct clientId, client Secret and instance, by passing the standard parameters:

  • dynamicsax_token:clientId

  • dynamicsax_token:clientSecret

  • dynamicsax_token:TenantId

  • dynamicsax_token:resourceUri

  • dynamicsax_token:grantType (using default value, client_credentials


Here's how I populate the instance vs the resourceUri:

         "When_a_Business_Event_occurs-instance": {
           "value": "[variables('D365_Instance')]"
         },
         "dynamicsax_token:resourceUri" : {
           "value" : "[concat('https://', variables('D365_Instance'))]"
         },

The uri is accessible and works.

Does anyone have any ideas why the initial automated deploy fails to set everything correct, but it works after a manual correction?


azure-logic-apps
image.png (20.7 KiB)
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

PramodValavala-MSFT avatar image
0 Votes"
PramodValavala-MSFT answered ·

@linuswaerner According to the official docs, the parameter values do not require a dynamicsax_ prefix. For reference, here is the ARM template as in the docs

{
   "type": "MICROSOFT.WEB/CONNECTIONS",
   "apiVersion": "2016-06-01",
   "name": "[parameters('azuredatalake_1_Connection_Name')]",
   "location": "[parameters('LogicAppLocation')]",
   "properties": {
      "api": {
         "id": "[concat(subscription().id, '/providers/Microsoft.Web/locations/', 'resourceGroup().location', '/managedApis/', 'azuredatalake')]"
      },
      "displayName": "[parameters('azuredatalake_1_Connection_DisplayName')]",
      "parameterValues": {
         "token:clientId": "[parameters('azuredatalake_1_token:clientId')]",
         "token:clientSecret": "[parameters('azuredatalake_1_token:clientSecret')]",
         "token:TenantId": "[parameters('azuredatalake_1_token:TenantId')]",
         "token:grantType": "[parameters('azuredatalake_1_token:grantType')]"
      }
   }
}



· 2 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi! Well, would the removal of the prefix solve the behavior issue? I've succesfully redeployed the apps and the trigger now works, but listing available instances doesn't work and the ist still shows "Bad request, unauthorized".

I guess I might just have to accept to recreate the connection manually to be able to select another instance :-(

0 Votes 0 ·

@linuswaerner I misread the original query, confusing the template parameter keys with parameter values for the connection. Sorry about that.

Based on the error, the service principal might have the required access. There seems to be a Connector.FullAccess permission available. Could you confirm if that is already granted and if not, whether granting that resolves the issue?

78326-image.png


0 Votes 0 ·
image.png (39.1 KiB)