The following code:
import requests
import json
import msal
config = {
"authority": "https://login.microsoftonline.com/<My tenant ID>",
"client_id": "<My client ID>",
"client_secret": "<My secret>",
"scope": ["https://graph.microsoft.com/.default"],
}
app = msal.ConfidentialClientApplication(
config["client_id"],
authority=config["authority"],
client_credential=config["client_secret"] )
result = app.acquire_token_silent(config["scope"], account=None)
if not result:
result = app.acquire_token_for_client(scopes=config["scope"])
bearerToken = result['access_token']
url = "https://<My org ID>.<My org region>.dynamics.com/api/data/v9.1/workflows"
headers = {
"Accept": "application/json",
"Content-type": "application/json",
"Authorization": "Bearer "+bearerToken,
}
response = requests.request("GET", url, headers = headers)
response
Is producing the following output:
<Response [401]>
The expected output is like this:
{
"@odata.context": "https://org00000000.crm0.dynamics.com/api/data/v9.1/$metadata#workflows",
"value": [{
"@odata.etag": "W/"12116760"",
"category": 5,
"statecode": 0,
"workflowidunique": "00000000-0000-0000-0000-000000000001",
"workflowid" : "00000000-0000-0000-0000-000000000002",
"createdon": "2018-11-15T19:45:51Z",
"_ownerid_value": "00000000-0000-0000-0000-000000000003",
"modifiedon": "2018-11-15T19:45:51Z",
"ismanaged": false,
"name": "Sample flow",
"_modifiedby_value": "00000000-0000-0000-0000-000000000003",
"_createdby_value": "00000000-0000-0000-0000-000000000003",
"type": 1,
"description": "This flow updates some data in Common Data Service.",
"clientdata": "{"properties":{"connectionReferences":{"shared_commondataservice":{"source":"NotSpecified","id":"/providers/Microsoft.PowerApps/apis/shared_commondataservice","tier":"NotSpecified"}},"definition":{...}},"schemaVersion":"1.0.0.0"}"
}]
}
...as shown in the Microsoft documentation that appears here: https://docs.microsoft.com/en-us/power-automate/web-api
Previously I:
- Registered the app in Azure and generated secret key, as is indicated in the procedure shown in this link: https://docs.microsoft.com/en-us/powerapps/developer/data-platform/walkthrough-register-app-azure-active-directory#create-an-application-registration
- Created app role as described here: https://docs.microsoft.com/en-us/power-platform/admin/database-security#minimum-privileges-to-run-an-app
- Created a Dataverse app user, linked to the app created in 1. and the role created in 2., as described here: https://docs.microsoft.com/en-us/powerapps/developer/data-platform/authenticate-oauth#manually-create-a-dataverse-application-user
Why is this not working?
question from:
https://stackoverflow.com/questions/65843679/trying-to-access-microsoft-power-automate-api-via-python-msal-library 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…