Configure a Logic App (Consumption) with Azure Active Directory Open Authentication so that it can be called/invoked by an Azure Data Factory Web Activity via Managed Identity.
(1/2) Logic App Setup
1. Create a Logic App with an HTTP Trigger: Call, trigger, or nest logic apps by using Request triggers - Azure Logic Apps | Microsoft Learn
a. Make a note of the callable endpoint / webhook / trigger URL
2. On the Logic App, go to Authorization and add the Authorization Policy in the Logic App: Secure access and data - Azure Logic Apps | Microsoft Learn
Policy | [Policy Name] | |
Policy Type | AAD | |
Claims |
Issuer |
https://sts.windows.net/[Tenant ID]/ |
Audience |
3. Add the Trigger Condition: Secure access and data - Azure Logic Apps | Microsoft Learn
4. Include ‘Authorization’ header in request trigger outputs: Secure access and data - Azure Logic Apps | Microsoft Learn
Final Code View of the Logic App Trigger:
"triggers": {
"manual": {
"conditions": [
{
"expression": "@startsWith(triggerOutputs()?['headers']?['Authorization'], 'Bearer')"
}
],
"inputs": {
"schema": {}
},
"kind": "Http",
"operationOptions": "IncludeAuthorizationHeadersInOutputs",
"type": "Request"
}
}
(2/2) Azure Data Factory Setup
5. Create a Web Activity in Azure Data Factory: Web Activity - Azure Data Factory & Azure Synapse | Microsoft Learn
Property | Sample Value | Comments |
URL | https://prod-[xx].[region].logic.azure.com:443/workflows/[Workflow ID]/triggers/manual/paths/invoke?api-version=2016-10-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0<removed> | Copied from Step 1a |
Method |
POST, GET… |
This can be changed on the Logic App trigger |
Body
|
Valid JSON |
|
Authentication |
System Assigned Managed Identity |
|
Resource |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.