Categories: Azure

Reading AFAS REST API Data with Azure Logic Apps

Recently I had to read some REST API data using an Azure Logic App. The data itself comes from AFAS, a Dutch SaaS ERP company. In general, the process is mostly the same as reading the data with Azure Data Factory (check out this blog post to learn more):

  • you create a getconnector in AFAS. This is a view on top of your data, selecting a certain subset. You can add pre-defined filters in there as well. The result of the getconnector is the base dataset associated with a REST API endpoint.
  • you add the getconnector to a specific appconnector. You also generate a token which can be used to authorize the application that wants to access the REST API.
  • in whatever application you use (ADF, Logic App, Azure Function …), you retrieve the token and make a REST API call to the endpoint, embedding the token in the header.

There’s a minor difference in how you need to handle the token in Azure Logic Apps, compared with how you do it in ADF. Which is the reason for this blog post.

First, create a new Logic App (of the type consumption, which is basically serverless) with an HTTP trigger.

Since our AFAS token is kept in Azure Keyvault, we’re just going to save the Logic App as-is.

Exit the designer and go to the Identity section. There, enable a system-assigned identity.

We’re going to use this identity to get the secret from Azure Key Vault. But first we need to create an access policy in our vault that grants the necessary permissions to this identity.

In the new access policy, assign the Get and List Secret permissions.

Choose the system assigned managed identity of the Logic App as the principal for the access policy.

Back in our Logic App, add an Azure Key Vault action of the type Get Secret. First you’ll be asked to create the connection to the Key Vault. Make sure to select managed identity as the authentication type.

After connecting, select the desired secret from the dropdown.

As a reminder, the token should have the following format:

<token><version>1</version><data>123</data></token>

Now we can add an HTTP action, which will be used to do the REST API call. The URL should be something like https://xxx.rest.afas.online/ProfitRestServices/connectors/mygetconnector, where xxx is your company code in AFAS. Up to this point, everything is the same as in ADF. In our HTTP request, we also need to specify the token so we can authenticate with the REST service. This is done by specifying an Authorization header, with the content “AfasToken xyz”, where xyz is the base64 representation of the token. In ADF this looks like this (again, check out this blog post for more info):

Let’s try the same in the Logic App.

The following expression is used to set the value for the Authorization header (which is very similar to the ADF expression):

concat('AfasToken ',base64(body('Get_secret')?['value']))

However, when we execute the Logic App, it is possible it fails with an authorization error (which was the case when I initially developed the Logic App). When writing this blog post it obviously succeeded from the first try, so the error is apparently hard to reproduce. Anyway, if you get the authorization error, you might try another method to pass the token. Instead of directly specifying the header, we can add a parameter to the HTTP action. There’s only one available: authentication.

Set it to type Raw, and then specify the expression we used earlier:

This should make the Logic App succeed:


------------------------------------------------
Do you like this blog post? You can thank me by buying me a beer 🙂
Koen Verbeeck

Koen Verbeeck is a Microsoft Business Intelligence consultant at AE, helping clients to get insight in their data. Koen has a comprehensive knowledge of the SQL Server BI stack, with a particular love for Integration Services. He's also a speaker at various conferences.

Recent Posts

Free webinar – Tackling the Gaps and Islands Problem with T-SQL Window Functions

I'm hosting a free webinar at MSSQLTips.com at the 19th of December 2024, 6PM UTC.…

5 days ago

dataMinds Connect 2024 – Session Materials

The slides and scripts for my session "Tackling the Gaps & Islands Problem with T-SQL…

4 weeks ago

Connect to Power BI as a Guest User in another Tenant

Sometimes your Microsoft Entra ID account (formerly known as Azure Active Directory) is added as…

2 months ago

How to use a Script Activity in ADF as a Lookup

In Azure Data Factory (ADF, but also Synapse Pipelines and Fabric Pipelines), you have a…

4 months ago

Database Build Error – Incorrect syntax near DISTINCT

I wrote a piece of SQL that had some new T-SQL syntax in it: IS…

4 months ago

Speaking at dataMinds Connect 2024

I'm very excited to announce I've been selected as a speaker for dataMinds Connect 2024,…

5 months ago