My Azure Logic App runs as a Managed Service Identity and I am trying to use an Azure AD Connector as a trigger for the App. The connector requires permissions to the Azure AD Graph API and I have verified that the permissions are correct by authenticating as the ServicePrincipal MSI using ClientCredentials using PowerShell and calling the required Azure AD Graph APIs.
However, I can't seem to tell my Logic App's Azure AD Connector (as opposed to a REST call where I can just set the authentication property) to use the Managed Service Identity.
Since there is no documentation for any Logic Apps connectors provided by Microsoft, I can't tell if there is a well-known property on the Azure AD Connector that I can use to tell it how to authenticate. I have the following in my ARM template and would guess there is a customParameterValue to set, but I have no idea what it is.
{
    "type": "Microsoft.Web/connections",
    "name": "[parameters('connections_azuread_name')]",
    "apiVersion": "2016-06-01",
    "location": "eastus",
    "scale": null,
    "properties": {
        "displayName": "Azure AD",
        "customParameterValues": {},
        "api": {
            "id": "[concat('/subscriptions####/providers/Microsoft.Web/locations/eastus/managedApis/', parameters('connections_azuread_name'))]"
        }
    },
    "dependsOn": []
}