{tocify} $title={Table of Contents}
Issue
While doing testing after doing a POC on Securing Logic App with Azure Active Directory authentication, where I have put logic app behind APIM and before passing the request to logic app, apim does validation of the token.
I was encountered with an error
"The request has both SAS authentication scheme and 'Bearer' authorization
scheme. Only one scheme should be used."
Why it happened
After validating the token which is part of the header i.e. Authorization, APIM forwards the request as it is to backend. As Logic app is configured as back end, it's url already consist of SAS signature plus the request also has Authorization section and this is the problem.
By default every request endpoint on a logic app has a Shared Access Signature (SAS) in the endpoint's URL, which follows this format:
https://<request-endpoint-URI>sp=<permissions>sv=<SAS-version>sig=<signature>
As of now logic App only understands SAS authentication only, and there is no mechanism built yet for Authorization, thus it does not support any Authorization scheme.
By default every request endpoint on a logic app has a Shared Access Signature (SAS) in the endpoint's URL, which follows this format:
https://<request-endpoint-URI>sp=<permissions>sv=<SAS-version>sig=<signature>
As of now logic App only understands SAS authentication only, and there is no mechanism built yet for Authorization, thus it does not support any Authorization scheme.
Although the error says
Only one scheme should be used -- It will not work if I remove SAS part and add
only Bearer token(Any Authorization scheme)
What to do
As Logic App currently doesn't support Authorization Header, it needs to be removed before submitting request to Logic App. In my case, as I was using APIM, by using Set Header policy - the Authorization header was removed and all work fine then after.
If you have questions or suggestions, feel free to do in comments section below !!!
Do share if you find this helpful .......
Knowledge Sharing is Caring !!!!!!
Learn More about Logic App
- Developing Logic app standard workflow which uses Map locally and deploying to Azure
- Developing Logic App Standard Workflow Using Visual Studio Code | Create Logic App Standard Workflow Using Visual Studio Code
- Logic App - Xml to Json using Liquid Map | Append in Liquid Map
- How to use Azure Event Grid Custom Topic | Publishing and Subscribing from Azure Event Grid Custom Topic using Logic App
- Using Azure Storage Account Table as Config Store for Logic Apps | How to read and write from Logic App to Azure Storage Account Table
- Get Logic App Name in Logic App
- Difference between Logic App Consumption and Logic App Standard
- Getting Started with Logic App Standard | Overview of Logic App Standard | Basics of Logic App Standard
- How to find count of Logic App executions using Azure Portal
- Azure Functions vs Azure Logic App | Difference between Azure Functions and Azure Logic App
- Getting started with Logic App : Liquid Map | Using Liquid template in Logic app
- How to get actual error message of Scope in Logic App | Exception Handling in Logic app
- Interview questions and answers on Logic Apps | Interview questions for azure logic app developers
- How to execute Stored Procedure in Logic App | How to connect to SQL in Logic App
- How to get current date in logic app | How to format date time in Logic App
- BizTalk Developer getting started with Logic App
- Getting Started with Logic Apps - Fundamentals
- Getting Started with Logic Apps - Enterprise Application Integration
- Getting Started with Logic Apps - AS2
- Getting Started with Logic Apps - EDI X12 Fundamentals
- Getting Started with Logic Apps - XML to EDI X12
- Getting Started with Logic Apps - EDI X12 to XML
- Getting Started with Logic Apps - What happened to the Request?
- Inserting Multiple Records In On Prem SQL Using Logic App
- Inserting data in On Premises SQL Database using Logic Apps
- Installing and Configuring On Premises Data Gateway - By adding user to Active Directory
- XML Batching(Aggregation) in Logic App
- Batching(Aggregating) messages in Logic App
- Debatching(Splitting) JSON Message in Logic Apps - ForEach and SplitOn
- Debatching(Splitting) XML Message in Logic Apps - ForEach and SplitOn
- Securing Logic App with Azure Active Directory authentication
- Removing ns0: prefix from xml output from BizTalk/Logic app XSLT map
- Using Managed Identity in Logic Apps for Calling Active Directory Secured Function App
- Logic Apps : Fetching ISA and GS Segment Values From Interchange Envelope and Mapping
- Logic Apps : For Each Inside a For Each - Fetching values from field in an array inside an array
Do you have any other fix for this.. after doing this change its not working.
ReplyDeleteWhat actually you tried? You just need to remove Authorization from header before hitting logic app
ReplyDeleteHi Mahesh,
DeleteI am trying to do the same with POST request which is coming from ZOOM. I have created and APIM service in azure using my logic App. I have also removed the authorization header from the request header with APIM service as stated above. It still does not resolve the issue. So I am not sure what is wrong?
how about operationOptions: IncludeAuthorizationHeadersInOutputs?
ReplyDeleteHi Divyesh,
ReplyDeleteDid you add Set headers policy in apim?
check in following post if you missing some step -- https://www.tech-findings.com/2020/02/securing-logic-app-with-azure-active-directory.html
ReplyDeleteIf someone knows the trigger endpoint of the power automate flow,
Isn't the APIM setting meaningless?
ReplyDeleteIf someone knows the trigger endpoint of the power automate flow,
Isn't the APIM setting meaningless?
ReplyDeleteIf someone knows the trigger endpoint of the power automate flow,
Isn't the APIM setting meaningless?
This was a fantastic fix, thank you for this
ReplyDelete