If you need to call external APIs using JavaScript from Power Pages, you may want to secure the calls to avoid exposing information or application hacking, as all the calls are made from client side.
Power Pages sites can have OAuth 2.0 implicit grant flow enabled, so you can obtain an authentication token that has your Portal as the issuer, and you can use this token to do authenticated calls to external APIs.
This post is a quick overview and summary of useful posts in the subject, as there are some good content around, I thought it would be useful to collate the links in a single place.
This Microsoft tutorial explains how to enable the OAuth 2.0 implicit flow in your site:
Use OAuth 2.0 implicit grant flow within your Power Pages site
Use the token in JavaScript
After enabling OAuth 2.0 implicit flow, you can obtain a token by calling the following endpoint and then use it to call the authenticated API:
<portal_url>/_services/auth/token
Sample…
Source link
More About This Author
![michelcarlo](https://i0.wp.com/365community.online/wp-content/uploads/2020/04/C6zQCIg6_400x400.jpg?resize=150%2C150&ssl=1)
-
SharePoint and Office 365 Consultant/Developer always trying to get the best from Microsoft stack (Microsoft 365/Azure/Power Platform and related stuff).
Living in Ireland since 2018, I had previously worked in Brazil as a consultant/developer for Office 365, SharePoint and related technologies for almost 10 years.
Array
Modern Workplace24 July 2024Power Pages Table Permissions: Configure permissions to see records from child Accounts
Modern Workplace15 July 2024Copy Dataverse contact phone numbers across different environments based on Contact e-mail address using Power Automate
Modern Workplace1 June 2024Get the current logged Power Pages user Contact ID via JavaScript and use it to create records assigned to the current user
Modern Workplace11 May 2024How to get the current Azure Devops iteration name for a project using Power Automate