More on finding application registrations used by Logic Apps

This is a continuation of my earlier post about finding which Logic Apps are using a given application registration. In that post I showed how you can use KQL and the Azure Resource Graph Explorer to list all connectors that are using a given application registration. This post expands on that by answering the question “But what about Logic Apps that use a Client ID and secret to authenticate in an HTTP action?”.

This comes with a caveat: the query only looks at the default values of your workflow parameters, but I assume everyone is using parameters when assigning a Client ID and secret to a call in an HTTP action.

The solution

Enter Azure Resource Graph Explorer

This is a tool that uses KQL to query Azure resources: list all the VMs, show all IP addresses in use, and so on. It is very useful, particularly to me when looking for application references.

Access

First off, you need access to the resources you want to query. That might go without saying, but I thought I'd point it out.

Finding it

Use the search box in Azure (at the top of the page) and type "resource graph". The service will show up in the results.

Using it

There are a number of predefined queries, and there is also an explorer to the left, showing you all types of Azure resources grouped by type. You can click any of these and they will show up in the query window.

The KQL

Simply paste this KQL into your query window and update the subscription ID and Client ID to reflect your environment.

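// List Logic Apps whose workflow parameters default to a given Client ID
resources
| where type == "microsoft.logic/workflows"
  and subscriptionId == "YOUR SUBSCRIPTION ID"
// The workflow parameters are a property bag keyed by parameter name
| extend parameters = parse_json(properties.definition.parameters)
// One row per parameter name
| mv-expand param = bag_keys(parameters)
| extend param = tostring(param)
| extend paramData = parameters[param]
// Cast to string so the comparison is a plain, case-insensitive string match
| extend defaultValue = tostring(paramData.defaultValue)
| where defaultValue =~ "Client ID of the app reg you are looking for"
| project name, param, defaultValue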

This will present a nice list with the name of each Logic App, the name of the matching parameter and its default value.
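
To cover the caveat above, the following added example (not part of the original post) walks an exported workflow definition and separates Client IDs found in parameter defaults, which the query sees, from Client IDs written directly into an action, which it misses. The sample definition, the placeholder Client ID and the function names are constructed for illustration.

```python
# Added example: audit one exported Logic App workflow definition for a Client ID.
APP_ID = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb"  # constructed placeholder Client ID

# Constructed sample: one HTTP action uses the parameter, one nested inside a
# Scope has the Client ID hard-coded (in upper case) in its authentication block.
SAMPLE = {
    "parameters": {"clientId": {"type": "String", "defaultValue": APP_ID}},
    "actions": {
        "Call_API": {"type": "Http", "inputs": {"authentication": {
            "type": "ActiveDirectoryOAuth",
            "clientId": "@parameters('clientId')",
            "secret": "@parameters('secret')"}}},
        "Scope": {"type": "Scope", "actions": {
            "Call_Other_API": {"type": "Http", "inputs": {"authentication": {
                "type": "ActiveDirectoryOAuth",
                "clientId": APP_ID.upper(),
                "secret": "@parameters('secret')"}}}}},
    },
}


def find_client_id(node, client_id, path="definition"):
    """Yield the path of every string value equal to client_id (case-insensitive)."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from find_client_id(value, client_id, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from find_client_id(value, client_id, f"{path}[{index}]")
    elif isinstance(node, str) and node.strip().lower() == client_id.lower():
        yield path


def audit(definition, client_id):
    """Return (paths in parameter defaults, paths hard-coded elsewhere)."""
    hits = list(find_client_id(definition, client_id))
    in_params = [h for h in hits if h.startswith("definition.parameters.")]
    hard_coded = [h for h in hits if h not in in_params]
    return in_params, hard_coded


if __name__ == "__main__":
    found_in_params, found_hard_coded = audit(SAMPLE, APP_ID)
    print("Found by the parameter query:", found_in_params)
    print("Missed by the parameter query:", found_hard_coded)
```

Any path reported as missed points at a workflow where the Client ID should be moved into a parameter so that the Resource Graph query finds it.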