Known issues and limitations for connectors

The following list describes known issues and limitations for connectors and MCP servers.

Microsoft Entra ID refresh token behavior

If you use the connector with first-party Microsoft Entra ID refresh or access tokens, password changes don't affect the existing connection.

File Content parameter size calculation

The file content you pass into the action card parameter is encoded as a base64 string. Therefore, the new file content size can be up to 30-40 percent larger than the original content. If any content size throttling rule applies, the new file content size is considered.

InvokerConnectionOverrideFailed error

If you get an error similar to {"error":{"code":"InvokerConnectionOverrideFailed","message":"Could not find any valid connection for connection reference name 'shared_office365' in APIM tokens header."}}, try these steps:

  • Clear the browser cache.
  • Delete the connection, and then re-add it.

IP addresses for Microsoft Entra ID-based connections

When you create a connection to connectors that support Microsoft Entra ID-based authentication, you authenticate against Microsoft Entra ID. Then, you get the token with the device ID claim. The value of this claim is set with the IP address, from where the user is authenticating. The device ID claim is set on the initial sign in (even if it's single sign on), and then stays in claims. Refreshing the token doesn't reset this claim. The system stores it safely until it needs to refresh it. When that happens, the system calls Microsoft Entra ID again to refresh it. That's what the IP is (in a nutshell, it doesn't come from the connector in this case, it comes from the user's public address). So, the IP address that the user uses once they sign in to the connection (either automatically or by hand), is their public facing IP address. Therefore, if there's an IP addresses allow list configured in Microsoft Entra ID, the user's IP address should also be allowed in addition to the other documented IP addresses.

OAuth connections cannot be shared

You can't share OAuth connections with other users due to security reasons. For example, it's a potential security problem if user A is able to use a connection owned by user B to perform actions that make it look like user B did the action.

Pagination support

Many connector action cards implement pagination and return a set of items, such as GetRows, GetItems, and GetList. You can use this feature by selecting Settings on the card's menu item:

Action Card Settings Menu Get Rows Action Card Settings Menu

When you turn on pagination, the flow engine continues to call the service until it gets all the items or reaches the Threshold that you explicitly define in the settings:

Action Card Settings

Polling trigger behavior

If you turn off the flow for some period of time and turn it back on, all items during that period will be triggered. This behavior happens because flow Turn off/Turn on doesn't reset the trigger state. As a workaround, provide the Filter Query trigger parameter to filter out unwanted items by conditions using various fields like entity ID, date created, and date updated. If the Filter Query parameter isn't supported, you can use flow Condition action card after the trigger action card to filter out unwanted items.

Forwarded client request headers

When testing a custom connector, additional headers that the client forwards (for example, Origin: https://make.powerautomate.com) can result in an unexpected response from backend API. Verify all headers being forwarded. If you identify a conflicting client header, remove or override it by using custom connector policies.

ASCII header names and values

Microsoft supports American Standard Code for Information Interchange (ASCII). When creating custom connectors, ensure that all header names and values are ASCII characters. Non-ASCII characters in headers might lead to unexpected behavior or errors when making requests to the backend API.