Looking up SharePoint taxonomy terms from Microsoft Flow app using an Azure Function

In this post I am going to show you how you can use an Azure Function to return an item from the SharePoint Online term store and use that value inside a Microsoft Flow app.

As an example of where this might be useful think of something like an approval workflow using Microsoft Flow that can lookup an approver’s email address from the SharePoint term store.

The basic architecture looks like below:


Getting started

The first thing to do is to download the source code from this GitHub repository.


The code includes an Authentication context that supports both App Only authentication and SharePoint authentication through AppRegNew.aspx.

This can be configured by changing the Azure Function app setting called AUTH_TYPE from AppOnly to SPAuth.

Creating Azure AD App

We need our Azure Function to be able to authenticate with SharePoint so we will create a new Azure AD app in the portal and configure it’s application permissions to allow SharePoint access.

Setting up App Only auth is quite lengthy and there is pretty good documentation over on docs.microsoft.com you can follow the steps in this article to create an Azure AD app https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal and then follow this article to configure it for app only authentication https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread.

Once you have the Azure AD app created and your app only certificate, make sure you put the .pfx file inside the .\Cert directory inside the solution and set its ‘Copy to Output Directory’ property to ‘Copy Always’. You will also need to update the name of this certificate in the Azure Function app settings in the CERT_NAME setting.

Open the permissions for the newly created AAD app in the portal and make sure the Office 365 SharePoint Online permissions are configure as below:


You will need to make a note of the Application ID for this AAD app and update the AUTH_ID app setting in the Azure Function once created.


Deploying Azure Function

In the Azure Portal create a new Function App as shown below and make a note of the App Name.


Next we want to deploy the function to Azure. We can either download the publish profile from the portal or use the Azure Functions Core Tools library https://www.npmjs.com/package/azure-functions-core-tools.

To use the core tools to deploy make sure you first build the solution. Open a command prompt and CD to .\bin\debug\net461 folder.

After installing the tools with

npm i -g azure-functions-core-tools

Then run

func azure functionapp publish leetestsptaxlookup

Replace leetestsptaxlookup with the function name you created earlier.

Update the functions app settings with the values in the local.settings.json file replacing the values with the ones that relate to your tenant.


Configure the Azure Function taxonomy lookup

The Azure Function will lookup from the term store based on the value in the TERM_GROUP app setting.

For instance if our term store structure look like below:


We would set our TERM_GROUP setting to be the value “Lee;Settings;SiteRequestApprover”. Notice the structure is TermGroup -> TermSet -> Term all separated by a semi colon.


Creating Microsoft Flow App

Open Microsoft Flow and create a new Flow. You can pick whichever trigger you want to use. Create a new HTTP action and configure as shown below:


The HTTP action just makes a GET request to the Azure Function passing in two parameters; siteUrl and code.

siteUrl is the URL of the SharePoint site you want to use as a context for obtaining the taxonomy values. You need to pass your host key to the code parameter. You can view your host keys when you visit the settings page for your function in the Azure portal.


When your Flow is run the Azure function will return the value from the term store inside the body of the HTTP response as show below:


This Body value can then be used as a parameter to other actions. This means we can use a value from the term store to drive decisions within our Microsoft Flow app. This could be something like an approver for a workflow for example. In reality any value can be retrived from the term store and we can host multiple Azure functions for different values.



ASP.Net Core 1.0 RTM – Serving Static Files

If you have been using ASP.Net Core pre RTM release then you might have been using the Microsoft.AspNetCore.StaticFiles dependency to serve up static content from your ASP.Net web application.

If you have been using the latest stable version of this dependency 1.0.0 then you may come across an issue when using the RTM release of ASP.Net Core.

With the RTM release and Update 3 for Visual Studio 2015 we now have a Program.cs with a Main() entry point to our application added to our project when we create a new web application.

public class Program
    public static void Main(string[] args)
        var host = new WebHostBuilder()


As you can see there is a .UseContentRoot extension method that gets called setting the content root of our application to the current directory.

To use static files we still need need to reference the Microsoft.AspNetCore.StaticFiles dependency but we must use the pre-release version 1.0.0-rc2-final or we will get the following error.

Error CS0121 The call is ambiguous between the following methods or properties: ‘Microsoft.AspNetCore.Hosting.WebHostBuilderExtensions.UseContentRoot(Microsoft.AspNetCore.Hosting.IWebHostBuilder, string)’ and ‘Microsoft.AspNetCore.Hosting.HostingAbstractionsWebHostBuilderExtensions.UseContentRoot(Microsoft.AspNetCore.Hosting.IWebHostBuilder, string)’

The reason is that the WebHostBuilderExtensions class that contains the UseContentRoot method has been moved to the Microsoft.AspNetCore.Hosting assembly and if you reference version 1.0.0 and not 1.0.0-rc2-final version of the Microsoft.AspNetCore.StaticFiles assembly then you will get an ambiguous reference between these namespaces.

To setup static file serving correctly with RTM just add a dependency to 1.0.0-rc2-final version of Microsoft.AspNetCore.StaticFiles and then add the following in your Startup.cs.

public void Configure(IApplicationBuilder app)

You can see the updated documentation for static files here:


Custom Tag Helpers with ASP.Net Core & MVC 6

I was playing around with the new tag helper functionality in MVC 6 and decided to put together a quick tutorial on how to create custom tag helpers for your own MVC 6 projects.

I was targeting the ASP.Net Core 1.0 framework in this video but it also applies to .Net 4.6 framework with MVC 6.

I was never really a fan of mixing markup and code within Razor views and I believe tag helpers are a much nicer way to separate out code a functionality in your web projects.

Azure AD JavaScript authentication tutorial series (Part 1)

I have put together a video tutorial series that goes through step by step a full end to end solution that shows how to authenticate an Azure AD Web API application from JavaScript code using the adal.js library.

Now days I am finding myself designing my applications to use a web service layer to serve up data from data stores.  Providing REST API endpoints on top of your data gives alot of benefits when it comes to integrating your data across different client applications. JavaScript runs pretty much everywhere now and it’s the to go to language to build client side apps so accessing your REST endpoints from JavaScript is a really appealing solution and this is why pretty much everyone is doing JavaScript and REST now.

The JavaScript ecosystem today is massive with libraries to help you build pretty comprehensive applications. When I am building SharePoint Add-Ins I tend to expose the data using Web API and stick to using JavaScript in the application to render the data and build out the UI. Most if the time there is no need for server side code inside my client application.

Inevitably you will want to secure your web service layer at some point and if your are building on the Azure platform, then Azure AD is a great OAuth solution.

It is especially a good solution if you are building SharePoint Add-Ins in Office 365. When you are logged into your Office 365 SharePoint site you have already authenticated against your Azure AD and as long as you deploy your applications to the same Azure AD instance then you get automatically authenticated when accessing your Web API layer.

When building these apps I found that there was plenty of examples on authenticating from C# code but I found the examples lacking if I just wanted to use JavaScript to authenticate against my Web API.

The adal.js library comes in very handy here but I found all the examples were based around using it with Angular. Although Angular is a great framework for building client side apps I found most of the time it was overkill for what I wanted to do.  So these set of videos show how you might want to design and build a client side application and in this case a SharePoint Add-In that uses Azure AD authentication, Web API, JavaScript and TypeScript.

The general architecture looks like this.



The first video is up and it shows how to create a SQL Azure database, create a Web API layer and how to model and scaffold the data using Entity Framework.