Power Platform Service Principal Setup for Azure DevOps

If you are planning to deploy Power Platform solutions using Azure DevOps, the best approach is to run your DevOps pipeline with a service principal.

In this blog, I will walk through the process of setting up a Power Platform service principal to run your Azure DevOps pipeline and deploy your power platform app solution in different environment.

Step 1– To create the service principal, firstly you need to register the app in Azure Active directory. Open portal.azure.com and go to app registrations.

Step 2– Click on the New Registration.

Step 3 : Provide the name of service principal and allow Accounts in this organizational directory only to use it. Then click Register.

Step 4 : Now that we have successfully registered the application, the next step is to grant the necessary API permissions for both Azure DevOps and Power Platform. Click on the registered app name.

Step 5 : Go to the API Permission tab and click on Add a permission button to provide the permission for Azure DevOps.

choose the Delegated permissions type and check the box beside user_impersonation. Then click Add Permissions.

Step 6 : Similar way choose Dynamics CRM from the Request API permissions and provide Delegated permissions type and check the box beside user_impersonation. Then click Add Permissions.

Step 7 : In order to ensure our app can access the Dynamics CRM and Azure DevOps API across the entire tenant, we must grant admin consent at the tenant level.

Usually, a regular user would be prompted to grant consent the first time they use an app. However, since the Service Principal account is not associated with any individual user, we need to grant consent in advance via the API Permissions screen.

Step 8 : We are now done setting up Dynamics CRM & Azure DevOps permissions for our app.

Step 9 : Let’s create a secret for our service principal. Go the clients & secret tab and click on the new secret button. Provide the name of the secret .

Step 10 : Note down the secret details value and secret id. It will be used while creating the service principal in Azure DevOps.

Step 11: Now let’s see how can we create service principal in azure devops. Go to the project settings. Click on the service connection tab and choose create service connection button.

Step 12 : After click create service connection, choose power platform option

If you are not able to find power platform option in the menu. Install Power Apps build tools for Azure DevOps. (https://marketplace.visualstudio.com/items?itemName=microsoft-IsvExpTools.PowerPlatform-BuildTools)

Step 13: Provide power apps environment URL (Dev or UAT), Azure AD tenant ID, App registration Application ID and Client Secret ID. Make sure to grant access to run the pipelines by clicking the checkbox.

Application ID and Tenant ID

Step 14: Finally, we have created the service connection to run azure devops pipelines for power apps solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *