Is it possible to specify a Sharepoint connection via Azure bicep/ARM template for LogicApp?

Question

Right now I am trying to figure out whether it is possible at all to create a connection with a Service Account within bicep/an ARM template for connecting to Sharepoint in LogicApp.

This Service Account is a Microsoft account, but once I try to connect in the 'When an item is created' trigger I get a 'sign in to your account' auth prompt, where I have to specify the service accounts' username and password.

I can imagine that this would cause trouble when creating the connection from Bicep and/or an ARM-template, since the manual step of the auth window won't be performed there.

Is there anyway this can become possible, or is the infrastructure as code not possible for this?

Also, I see a 'connect via on-premises data gateway' option, might this be a viable alternative that is actually specifiable in ARM/Bicep should the authentication with a service account not be?

Answer 1

Sharing the same discussion here

At the moment, the sharepoint authorization works with the OAuth 2.0 Authorization Code Grant Type, which means, you can only get the authorization code by getting the user sign in to get the code. This behavior of the API is by design. Thus, there is no way to fully automate this.

• Consider not re-creating api connection after initial manual authentication since there's no need unless cred changes, and only include logic apps in arm template for subsequent deployment.
• Consider using HTTP with MSI to call graph API directly.

For connection resource define you can refer to this. More details: https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-deploy-azure-resource-manager-templates#authorize-oauth-connections