Adventures with the Power Platform

ALM and DevOps for the Power Platform and PowerApps Portals

Microsoft Dynamics 365 Microsoft .Net



I wont go into how to create a flow or even how to add it to a Power Pages site, there are enough posts online about this. 

Seems that I am not the first or the only person facing this issue, https://community.powerplatform.com/forums/thread/details/?threadid=fde43469-a96f-4696-a176-2957b5e13591

Lots of blog posts about this feature but not much on how and what to do when you ready to move this new shiny portal to the next level.

So where do I start....

I deployed my site and site components via a solution. I do enjoy this feature and approach to deploying power pages sites. Once you are ready, export the solution as Managed and then import into the Target environment via your preferred deployment approach.

 

Once deployed, spin up the portal and trigger this new Cloud Flow. In my case its just a button on a page.


And this is where it gets fun. On running the flow from the Site you get this lovely response.

 

{"ErrorCode":"0000000A","Message":"FlowAccessDenied"}

 

But how, everything seems legit. The trigger url is good and it should just work as the label promised! The flow is switched on and triggers manually via the maker portal.


So what the hell is going on! Why FlowAccessDenied error. I double check the Web Roles and yes they are all good.


Ok, so now I cant sleep and start poking around for an anwser.

I start off by checking Site Component that was added to my solution (powerpagescomponent) and then details of the Flow via the API.

~/api/data/v9.2/powerpagecomponents(2c81fa59-bbb6-ef11-b8e8-000d3ad22a58)

~/api/data/v9.2/workflows(4e82f6bd-4712-4640-b6b9-1858ae46ee06)


You can check the details of the PowerPagesComponent if you export the solution and compare the values in the workflow record.




 

 

 

 

 

 

 

 

 

 

 

 

 

 



From this I started comparing the values in Dev and Test and lo and behold the values in Test reflects what is in Dev. Oh dear lord, hmmm.

Lets have a look at this powerpagescomponent item. It has a Content property with a JSON object with properties that identify the Flow, the Trigger and few other items as below:

  1. adx_flowapiurl :  /_api/cloudflow/v1.0/trigger/4e82f6bd-4712-4640-b6b9-1858ae46ee06

  2. adx_flowtriggerurl : "https://6f7bcc3d-ce82-4203-bb92-f416b2c4889c.13.common.australia.azure-apihub.net:443/apim/logicflows/38A92E4CCA254600BCA504FA39254321-42BEF8BD24FE7E2F/triggers/manual/run?api-version=2016-06-01

  3. adx_metadata : 38a92e4c-ca25-4600-bca5-04fa39254321

  4. _adx_processid_value :4e82f6bd-4712-4640-b6b9-1858ae46ee06


What you will notice from these values:

The Guid in the adx_flowapiurl value is the workflowid
The Guid at the start of the adx_flowtriggerurl is the Environment Id.
The Guid in the adx_metadata value is the resourceid and is the same value stripped from "-" highlighted in the adx_flowtriggerurl


To get the Flow trigger URL you can get it from running the Flow Test and grabbing the X-MS-APIM-Referrer value from the Header content.





So now I reckon thats it, Eureka, I found the missing link,  and lets just go ahead and update the JSON Contet of the relevant Site Component record

  1. adx_flowapiurl :  Keep the same
  2. adx_flowtriggerurl : Replace with the trigger URL
  3. adx_metadata : resourceId
  4. _adx_processid_value : workflowid (but this should be the same as the Guid in as above item 1) 


After updating the Site Component an Unmanaged layer is added, guess that is expected. 

 

So lets go ahead, refresh the cache and test. No, doest work, same error. Now let me restart the Site and test, no same result. Major dissapointment.


Guess Cloud Flows are not deployable, or maybe they are and I am doing something stupid but there is NO WAY I am going to recreate them manually in Test and Prod environments.


So what is the solution, do we update this PowerPagesComponent once the Solution gets exported and unpacked - is this wise? Do we update the Content property after our Solution deploys - which I tried but with not much luck. Is it specific to my environment, could it be the Managed solution, I have so many questions.

Back to the drawing board.


So the FlowAccesDenied error makes sense now, we are triggering the flow in Dev via Test portal. 

 


I am not sure what the solution is. Raised a support request with Microsoft and lets see what comes from that and will update this post once I have a proper solution. 

 

What is missing from an "ALM" perspective would be to allow the maintenance for the Cloud Flow via the Power Pages designer, but even this is giving me an error when trying to add a new flow to the Test environment.





ErrorCode : "F002"
Message : 
"Grant Access returned error response: {\"error\":{\"code\":\"0x80040217\",\"message\":\"Entity 'systemuser' With Id = 38ce6d41-0d48-ef11-a316-00000000000 Does Not Exist\"}}"




I do think the Cloud Flow feature in Power Pages is great but if it is not deployable then I do not see the value in using it.