This repository expands on Export APIs from Azure API Management to the Power Platform article, discussing the following use content:
-
Export of API between different Azure Active Directory Tenants
-
Sample Provides sample scripts that can automate the end to end process of automating the deployment of an API from Azure to the Power Platform.
Azure API Management API Export feature makes it easy to take advantage of pro code APIs that you have written in Azure or want to create and expose them to citizen developers so they can leverage them inside their low code Power Platform solutions.
The published docs API export document works well when the user manually wants to export the the Azure API Management API to a power platform as a custom connector. This guide looks at automating this process and covering scenarios like when you need to publish to APIs between multiple Azure Active Directory tenants.
The article assumes that the Azure subscription and the power platform environment are in the same Azure Active directory tenant. The are various cases where this may not be the case for example:
- You are using your MSDN benefits https://my.visualstudio.com/benefits to use your Azure and Microsoft 365 Developer subscription (E5) benefits
- You are using your Development or Test Azure subscriptions which are not part of your main organization tenant
- You are deploying to trial subscription https://docs.microsoft.com/en-us/partner-center/advisors-create-a-trial-invitation and a separate pay as you go Azure subscription.
If scenarios like this apply to you then when you look to publish your API to your Power Apps environment then you will receive an empty list. to work around this gap you can use the Sample section below
To run this sample download the latest release from GitHub. Upload the apim-export-release.zip to https://shell.azure.com or Azure Cloud Shell in https://portal.azure.com.
Once uploaded perform thew following steps
- unzip the release.zip
unzip apim-export-release.zip- Change config.json to include your settings replacing TODO values with your settings
{
"APIMPublisherEmail": "TODO",
"APIMPublisherName": "TODO2",
"powerPlatformEnvironment": "https://TODO3.crm.dynamics.com",
"powerPlatformTenantId": "TODO4",
"powerPlatformClientId": "TODO5",
"powerPlatformClientSecret": "%PP_CLIENT_SECRET%",
"tags": [
"\"Workload name\"=\"Development APIM\"",
"\"Data Classification\"=\"Non-business\"",
"\"Business criticality\"=\"Low\"",
"\"Business Unit\"=\"Unknown\"",
"\"Operations commitment\"=\"Baseline Only\"",
"\"Operations Team\"=\"None\"",
"\"Expected Usage\"=\"Unknown time\""
]
}- The following example builds on the previous example by loading values from Azure Key Vault
{
"APIMPublisherEmail": "TODO",
"APIMPublisherName": "TODO2",
"powerPlatformEnvironment": "https://TODO3.crm.dynamics.com",
"powerPlatformTenantId": "TODO4",
"powerPlatformClientId": "TODO5",
"loadFromKeyVault": true,
"powerPlatformClientSecretKey": "KV_PP-CLIENT-SECRET%",
"tags": [
"\"Workload name\"=\"Development APIM\"",
"\"Data Classification\"=\"Non-business\"",
"\"Business criticality\"=\"Low\"",
"\"Business Unit\"=\"Unknown\"",
"\"Operations commitment\"=\"Baseline Only\"",
"\"Operations Team\"=\"None\"",
"\"Expected Usage\"=\"Unknown time\""
]
}In https://shell.azure.com or Azure Cloud Shell of https://portal.azure.com choosing powershell script environment
- ./resources.ps1
TODO: To be updated include Azure Function example into APIM
Ensure that you have created an Azure Active directory with the following
- API Permissions for Dynamics CRM.
- Admin granted permissions for Dynamics CRM
- A secret allocated to the application
Ensure to that application user has been granted rights (System Customizer) in the power platform environment
In https://shell.azure.com or Azure Cloud Shell of https://portal.azure.com choosing powershell script environment
- ./export-apim.ps1
You can use the sample scripts above to include them in your build process
To run this sample you will need access to or the following components installed
- System administrator rights in Power Platform Environment
- Access to https://shell.azure.com or Azure Portal https://portal.azure.com
- Local install of PowerShell (verion 5.0 or greater) and Azure CLI
As at April 2021 as covered in Licensing overview for Microsoft Power Platform Power Apps include limited use rights included with Office 365 licenses to Export Azure API Management APIs to the Power platform.
This feature enable Customers to publish their Azure backend service as APIs and export these APIs to the Power Platform as custom connectors via Azure API Management. Customers with eligible Office 365 licenses that include Dataverse for Teams can use these connectors for custom applications, flows, and chatbots running in Teams and to connect Azure backend services. Source. Appendix B in this guide includes specific O365 licenses that are eligible for this for this feature.
You can use this feature as a first step to help integrate the concept of building fusion development teams including business, development and IT teams to build a solution. Using this base you can then expand into other premium connectors to accelerate and nurture fusion team development to build and deliver solutions in our organization.
This sample makes use of Classes to encapsulate related functionality. This approach allows functionality to be managed and combined to automate the process.
Each class can be created using a exported PowerShell Module functions to allow easy creation of classes via Import Module. For example to create an Azure Key Vault using the default configuration
Import-Module './scripts/config.psm1' -Force
Import-Module './scripts/components/keyvault.psm1' -Force
$config = New-Config
$kv = New-KeyVaultManagement -config $config
$kv.CreateIfNotExists()The config.psm can be updated using following approaches:
- Json configuration file e.g.
Import-Module './scripts/config.psm1' -Force
$config = New-Config -file 'scripts/config.json'- String json parameter e.g.
Import-Module './scripts/config.psm1' -Force
$config = New-Config -json '{"resourceGroup":"Delete Me"}'- Using Environment variables
Import-Module './scripts/config.psm1' -Force
$env:AZ_RESOURCE_GROUP="Delete Me"
$config = New-Config -json '{"resourceGroup":"%AZ_RESOURCE_GROUP%"}'
$config.resourceGroup