Creating an OAuth Connection for use in Flow to Connect to an External API

In order for Flow to connect to an external HTTP(s) web service that requires authentication via OAuth the following steps should be taken.  

This article covers:  

How to Create an Application Registration in the Azure Portal

Add Azure Active Directory v2 connection to your Tenjin Skill

Add Generic OAuth 2 connection to your Tenjin Skill 

 

Azure Active Directory OAuth Connection 

The Azure Active Directory (Azure AD) is a cloud identity service that allows applications to securely authenticate users with standard protocols like OAuth 2.0. This Tenjin skill uses the Microsoft Identity Platform (v2.0), which is an evolution of the Azure AD platform.

Configure this skill in your assistant whenever you want users to be authenticated to access services such as Microsoft Graph using their identity.

Step 1: Create an Application Registration in the Azure Portal

1. Navigate to 'App registrations' in the Azure Portal.
2. Click 'New registration'.
3. Enter a name for your application.
4. Choose the supported account types. We suggest 'Accounts in this organizational directory only (Single tenant)'.
5. For 'Redirect URI (optional)', choose 'Web' from the drop-down and enter "https://token.botframework.com/.auth/web/redirect"
6. Click 'Register'.
7. Navigate to 'Certificates & secrets' within your app registration (left-hand navigation link).
8. Click 'New client secret' and enter a description, select an expiry, and then click 'Add'.
9. Before leaving this page, record the secret 'Value'. You will need to enter this later when configuring Tenjin.
10. Navigate to 'Overview' within your app registration (left-hand navigation link).
11. Copy the 'Application (client) ID' and the 'Directory (tenant) ID', you will also need these values when configuring Tenjin.
12. Navigate to 'API permissions', click 'Add a permission', followed by 'Microsoft Graph', and then 'Delegated permissions'.
13. Check 'openid' (Sign users in) and 'profile' (View users’ basic profile) as a minimum, and then add any other specific permissions as required; lastly, click 'Add permissions'.
14. That has now configured everything Tenjin needs in your Azure portal.

Step 2: Configure your Tenjin Skill

1. Click the ellipsis (three dots) button, top right on your screen followed by Add Skill.
2. Click on Add OAuth Skill.
3. When the skill is added, click on OAuth.
4. Click the +Add OAuth Connection button.
5. Click on Add Azure Active Directory v2 Connection.
6. Within the 'Add OAuth Connection' page you will be asked to populate a number of fields.
7. Detailed inline Help is available.
8. Once complete, click the OK button to save your changes.

The OAuth connection will now be available within Flow using the name defined earlier.

Add Generic OAuth 2 Connection 

1. Click the ellipsis (three dots) button, top right on your screen followed by Add Skill.
2. Click on Add OAuth Skill.
3. When the skill is added, click on OAuth.
4. Click the +Add OAuth Connection button.
5. Click on Add Generic OAuth 2 connection.
6. Within the 'Add OAuth Connection' page you will be asked to populate a number of fields.
7. Detailed inline Help is available.
8. Once complete, click the OK button to save your changes.

The OAuth connection will now be available within Flow using the name defined earlier.