Yannick Reekmans
Please enter at least 3 characters
Feb 10, 2024 3 min read

Call any Dataverse/Dynamics 365 REST API from Power Automate

Use Invoke an HTTP request from the HTTP with Microsoft Entra ID (preauthorized) connector to call Dataverse APIs from Power Automate, with or without impersonation

Call any Dataverse/Dynamics 365 REST API from Power Automate
Photo by Douglas Lopes / Unsplash

In Power Automate you can use the Dataverse connector to access data in Dataverse, and it even supports calling bound and unbound APIs. Unfortunately, not all REST API endpoints are available inside the connector, and the Dataverse connector also doesn't have support for impersonating another user. Luckily this can easily be resolved differently!

Call the WhoAmI endpoint

One of the most known and used endpoints is the WhoAmI endpoint, which will respond with information about the calling user. It's the easiest way to validate whether the Dataverse connection is working. Funnily enough, it's not available inside the Dataverse connector so it's ideal as an example for this technique.

  1. Edit the flow where you want to call the Dataverse REST API. In my example, I'm using a simple flow using the Manually trigger a flow trigger.
  1. Add another action and search for HTTP with Microsoft Entra ID
  1. It's very important to select the HTTP with Microsoft Entra ID (preauthorized), the non-preauthorized version does not work for this scenario (you can make that one work too with the steps in the docs). Select the Invoke an HTTP request action.
  1. Fill in the connection parameters. In both boxes, you have to enter the URL to your Dataverse environment (do not end with a /), eg. https://contoso.crm4.dynamics.com, and select the Sign in button. Authenticate with your user account.
  1. Now you can select Method and enter the Url of the request. In my case, I want to do a Get request to the /api/data/v9.2/WhoAmI endpoint.
  1. Test your flow and see the result!

Call the WhoAmI endpoint with impersonation

An extra advantage of calling the REST APIs directly is the ability to impersonate other users while executing this call. Of course, the calling user needs to have the permission to impersonate other users! Read the docs to learn more about impersonating another user in a REST API call to Dataverse.

⚠️
As explained in CRM Tip of the Day #542 (from back in 2015), the WhoAmI request will indeed be impersonated BUT the response will show the calling user and not the impersonated user id.
The only way to properly validate is by doing a POST request creating a record, and comparing the createdby and createdonbehalfby properties of the new record.

Impersonate a user based on their Microsoft Entra ID object id

This is, according to Microsoft, the preferred way of doing impersonation and requires you to know the object id of the user in Microsoft Entra ID.

  1. Adjust the Invoke an HTTP request action by adding a header in there. As key value for the header you should put CallerObjectId, and as value use the object id.
  1. Test your flow and see the result!

Impersonate a user based on their systemuserid

According to Microsoft, this is the legacy way of doing impersonation and it uses the id of the user in the systemusers table.

  1. Adjust the Invoke an HTTP request action by adding a header in there. As key value for the header you should put MSCRMCallerID, and as value use the systemuserid.
  1. Test your flow and see the result!
Dataverse Dynamics 365 Power Automate
You might also like
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Yannick Reekmans.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.