Cloud Orchestrator API No Result from External Application Power Automate

Hello,
I was hoping to get help with the API response I get when testing the custom connector from Power Automate to the Orchestrator cloud.

I read documentation around setting up the external applications here and here, then several forum posts here and here and managed to get everything ready and working in Postman.

However when I try creating a custom connector in Power Automate, I get the 200 response with odata.count 0, when seemingly the same request in postman produces a result. I can see a bearer token generated in the custom connector, so it looks to be working.



When I test the connector, I can see the bearer token, but what looks odd is that the URL is replaced by the microsoft URL which incorporates the cloud Orchestrator endpoint+filter, so it’s not the direct cloud Orchestrator endpoint. Could this cause the problem?


The API request works via Postman

@zawad, @codemonkee I saw a few of your posts where you mention that you got this working, would you be able to help please?

I would appreciate any advise from anyone.

Many thanks,
byuli

I went through the motions based on what you show in your screenshots, and had no troubles. What stood out for me is that what you have blocked out on your Actions URL doesn’t seem long enough to encompass [org]/[tenant]/orchestrator_/ though I do see /orchestrator_/ in the Response @odata.context of your Test.

image

On the General tab, I set my BasePath to be the full base of my Orchestrator

image

The other thing I would suggest that would help others to replicate and/or follow what you have configured a little easier is to provide the Swagger definition file which you can get by toggling the Swagger Editor

And you’ll get something along the lines of, just be sure to hide sensitive references or values if you’d defined any in your tests.

swagger: '2.0'
info: {title: UiPath Cloud, description: '', version: '1.0'}
host: cloud.uipath.com
basePath: /[org]/[tenant]/orchestrator_/
schemes: [https]
consumes: []
produces: []
paths:
  /Jobs: {}
  /odata/Folders:
    get:
      responses:
        '200':
          description: default
          schema:
            type: object
            properties:
              '@odata.context': {type: string, description: '@odata.context'}
              '@odata.count': {type: integer, format: int32, description: '@odata.count'}
              value:
                type: array
                items:
                  type: object
                  properties:
                    Key: {type: string, description: Key}
                    DisplayName: {type: string, description: DisplayName}
                    FullyQualifiedName: {type: string, description: FullyQualifiedName}
                    FullyQualifiedNameOrderable: {type: string, description: FullyQualifiedNameOrderable}
                    Description: {type: string, description: Description}
                    ProvisionType: {type: string, description: ProvisionType}
                    PermissionModel: {type: string, description: PermissionModel}
                    ParentId: {type: integer, format: int32, description: ParentId}
                    ParentKey: {type: string, description: ParentKey}
                    IsActive: {type: boolean, description: IsActive}
                    FeedType: {type: string, description: FeedType}
                    Id: {type: integer, format: int32, description: Id}
                description: value
          headers:
            api-supported-versions: {description: api-supported-versions, type: integer}
            content-type: {description: content-type, type: string}
      summary: test
      description: test
      operationId: Test31082022
      parameters:
      - {name: accept, in: header, required: false, type: string}
      - {name: content-type, in: header, required: false, type: string}
definitions: {}
parameters: {}
responses: {}
securityDefinitions:
  oauth2_auth:
    type: oauth2
    flow: accessCode
    authorizationUrl: https://cloud.uipath.com/identity_/connect/authorize
    tokenUrl: https://cloud.uipath.com/identity_/connect/token
    scopes: {? OR.License.Read OR.Settings.Read OR.Robots.Read OR.Machines.Read OR.Execution.Read
        OR.Assets.Read OR.Queues.Read OR.Jobs.Read OR.Users.Read OR.Administration.Read
        OR.Audit.Read OR.Webhooks.Read OR.Monitoring.Read OR.ML.Read OR.Tasks.Read
        OR.Analytics.Read OR.Folders.Read OR.BackgroundTasks.Read OR.TestSets.Read
        OR.TestSetExecutions.Read OR.TestSetSchedules.Read OR.TestDataQueues.Read
        OR.Hypervisor.Read : OR.License.Read OR.Settings.Read OR.Robots.Read OR.Machines.Read
        OR.Execution.Read OR.Assets.Read OR.Queues.Read OR.Jobs.Read OR.Users.Read
        OR.Administration.Read OR.Audit.Read OR.Webhooks.Read OR.Monitoring.Read OR.ML.Read
        OR.Tasks.Read OR.Analytics.Read OR.Folders.Read OR.BackgroundTasks.Read OR.TestSets.Read
        OR.TestSetExecutions.Read OR.TestSetSchedules.Read OR.TestDataQueues.Read
        OR.Hypervisor.Read}
security:
- oauth2_auth: [OR.License.Read OR.Settings.Read OR.Robots.Read OR.Machines.Read OR.Execution.Read
      OR.Assets.Read OR.Queues.Read OR.Jobs.Read OR.Users.Read OR.Administration.Read
      OR.Audit.Read OR.Webhooks.Read OR.Monitoring.Read OR.ML.Read OR.Tasks.Read OR.Analytics.Read
      OR.Folders.Read OR.BackgroundTasks.Read OR.TestSets.Read OR.TestSetExecutions.Read
      OR.TestSetSchedules.Read OR.TestDataQueues.Read OR.Hypervisor.Read]
tags: []

I’ll also point out that you are getting a Response/Result, just with Zero records, so likely something in the $filtering (?) Perhaps try doing a base GET on the /odata/folders to see if you get ANY records and go from there.

hi @codemonkee,
Thank you for the pointers, I’ve recreated the connector from scratch and implemented them but unfortunately getting the same result.

Added the [org_name]/[tenant_name]/orchestrator_/ to the Base URL

Security tab - double checked the Scope, re-added client ID, client secret. Refresh URL same as token URL, but it keeps clearing the field once I’d clicked Update connector, is it an issue, does it do the same on yours?

Definition tab - Request - Tried the get request without any filtering, as suggested + content_type application/json
https://cloud.uipath.com/org_name/tenant_name/orchestrator_/odata/Folders
image

Test tab - populate content-type, click Test, still no values. Below is the swagger code.
URL is populated as https://someID.azure-apim.net/apim/uipath-20cloud-20orc-20-2d-20test-someid1-some_id2/some_id3/odata/Folders, and I get a bearer token too. Does the URL change on your connector too, please?

When I enable Swagger editor I get this:


Swagger definition file:

swagger: '2.0'
info:
  title: UiPath Cloud Orc - Test
  description: ''
  version: '1.0'
host: cloud.uipath.com
basePath: /org_name/tenant_name/orchestrator_/
schemes:
  - https
consumes: []
produces: []
paths:
  /odata/Folders:
    get:
      responses:
        '200':
          description: default
          schema:
            type: object
            properties:
              '@odata.context':
                type: string
                description: '@odata.context'
              '@odata.count':
                type: integer
                format: int32
                description: '@odata.count'
              value:
                type: array
                items:
                  type: object
                  properties:
                    Key:
                      type: string
                      description: Key
                    DisplayName:
                      type: string
                      description: DisplayName
                    FullyQualifiedName:
                      type: string
                      description: FullyQualifiedName
                    FullyQualifiedNameOrderable:
                      type: string
                      description: FullyQualifiedNameOrderable
                    Description:
                      type: string
                      description: Description
                    ProvisionType:
                      type: string
                      description: ProvisionType
                    PermissionModel:
                      type: string
                      description: PermissionModel
                    ParentId:
                      type: string
                      description: ParentId
                    ParentKey:
                      type: string
                      description: ParentKey
                    IsActive:
                      type: boolean
                      description: IsActive
                    FeedType:
                      type: string
                      description: FeedType
                    Id:
                      type: integer
                      format: int32
                      description: Id
                description: value
      summary: Get all folders
      description: Get all folder
      operationId: GetAllFolders
      parameters:
        - name: content-type
          in: header
          required: false
          type: string
definitions: {}
parameters: {}
responses: {}
securityDefinitions:
  oauth2_auth:
    type: oauth2
    flow: accessCode
    authorizationUrl: https://cloud.uipath.com/identity_/connect/authorize
    tokenUrl: https://cloud.uipath.com/identity_/connect/token
    scopes:
      OR.Administration.Read OR.Analytics.Read OR.Assets.Read OR.Audit.Read OR.BackgroundTasks.Read OR.Execution.Read OR.Folders.Read OR.Hypervisor.Read OR.Jobs.Read OR.Machines.Read OR.ML.Read OR.Monitoring.Read OR.Queues.Read OR.Robots.Read OR.Settings.Read OR.Tasks.Read OR.TestDataQueues.Read OR.TestSetExecutions.Read OR.TestSets.Read OR.TestSetSchedules.Read OR.Users.Read OR.Webhooks.Read: >-
        OR.Administration.Read OR.Analytics.Read OR.Assets.Read OR.Audit.Read
        OR.BackgroundTasks.Read OR.Execution.Read OR.Folders.Read
        OR.Hypervisor.Read OR.Jobs.Read OR.Machines.Read OR.ML.Read
        OR.Monitoring.Read OR.Queues.Read OR.Robots.Read OR.Settings.Read
        OR.Tasks.Read OR.TestDataQueues.Read OR.TestSetExecutions.Read
        OR.TestSets.Read OR.TestSetSchedules.Read OR.Users.Read OR.Webhooks.Read
security:
  - oauth2_auth:
      - >-
        OR.Administration.Read OR.Analytics.Read OR.Assets.Read OR.Audit.Read
        OR.BackgroundTasks.Read OR.Execution.Read OR.Folders.Read
        OR.Hypervisor.Read OR.Jobs.Read OR.Machines.Read OR.ML.Read
        OR.Monitoring.Read OR.Queues.Read OR.Robots.Read OR.Settings.Read
        OR.Tasks.Read OR.TestDataQueues.Read OR.TestSetExecutions.Read
        OR.TestSets.Read OR.TestSetSchedules.Read OR.Users.Read OR.Webhooks.Read
tags: []

However, if I want to try it out in Swagger, I don’t seem to be able to authenticate using the same application ID/application secret as I’d set up for the connector:
Test1 - without clicking Authorize:

Test2 - attempted to Authorize:
image
image

Could this mean I’m hitting some permission issues?
Thank you, really hoping we can get it to work!

Close all the Swagger pages.

Open the Swagger page → Authorize → don’t modify the client_id and leave the client_secret empty → Authorize → test the endpoints now

Let us know if worked.

hello @marian.platonov,

Thank you for your reply, I didn’t have any separate swagger pages open - this page appears from within the custom connector in Power Automate. I closed it and reopened. Clicked Authorize and when it first comes up, the client_id is blank
image

image
image

I tick the scopes and click Authorize without the client_id/client_secret, and get the same error
image

With the client ID/client secret for the Power Automate external app, same result
image

Try to add this client_id bb55c0a2-d2cc-407a-9c1e-5f65e12eae77 without a client_secret

Also lower the Scopes as it seems that you have for some of them duplicates.

Tried the provided client_id with no secret, same result

I’m not entirely sure why the scopes are duplicating. I’ve now only left OR.Folders.Read and the scope on the swagger is still showing double


image

Same error when I click Authorize
image

I took your schema and updated the base path and was able to query my Community Orchestrator without any issue.

I’ve yet to have a successful authorization with Swagger Definition in a custom connector in Power Platform, but you would receive similar treatment if you attempt to change the Client ID / Secret when viewing the Swagger definition on your Orchestrator.

That is correct, after Creating or Updating the Connector these values will be blank for security, as they are stored elsewhere and not directly in the definition.

How is your External Application Registered in UiPath Cloud?

  • Application Type: Confidential or Non-Confidential application?
  • Resources: Are you setting the User Scope(s) or Application Scope(s)?

Based on my testing Custom Connectors do not currently support Client Credentials (I tried modifying the securityDefinitions.oauth2_auth.flow value in the Swagger Definition to application, however upon updating the connector it resets back to accessCode. Because of this you wouldn’t be able to use Application Scope and this is also backed up by documentation Specifying connection parameters | Microsoft Learn

image

So assuming you are setup and configured for Confidential and User Scope, when you create your Connection in Power Apps, what user are you authenticating as?

Registering an External Application grants you the right to make requests to those specific resources, but it is my understanding that the user would also require the defined Permissions in the Service you are requesting.

So in the case of Getting a list of Folders
The registered External Application would need OR.Folders or OR.Folders.Read
and the authenticating User would require Units.View or SubFolders.View permissions in Orchestrator.

Perhaps @marian.platonov can confirm this as I’ve attempted to break my connection by removing my Domain User (which I would be using to Authenticate in Power Platform and the Connection) from both the Cloud Portal and within Orchestrator and I am still able to Authenticate with the External Application OAuth with a Power Platform Connection and successfully query the Folders.

1 Like

Thank you so much for the explanation, the application was registered as confidential user scope, but I didn’t think about the actual user permissions.

I went to the permissions of the role assigned to the user to see that someone had changed them and folders were unticked! just unlucky I picked to test with folders.

Ticked to view the Folders and everything worked fine! ( I’ll change the data type of value.item.parentID as showing an error)

Thank you very much all for your contributions, really appreciate the support!
Best wishes!

2 Likes

Awesome to hear! Power Platform and UiPath has been a bit of a sore spot in trying to make things fluent, mainly on the Power Platform side of things :smiley:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.